Report on Corporate Governance and Ownership Structures

Approved by the Board of Directors on 1 March 2022

Intesa Sanpaolo S.p.A. Registered Office: Piazza San Carlo, 156 10121 Torino, Italy Secondary Registered Office: Via Monte di Pietà, 8 20121 Milano Italy Share Capital Euro 10,084,445,147.92 - Torino Company Register and Fiscal Code 00799960158 "Intesa Sanpaolo" VAT Group representative Vat Code No. 11991500015 (IT11991500015) Included in the National Register of Banks No. 5361 ABI Code 3069.2 Member of the National Interbank Deposit Guarantee Fund and of the National Guarantee Fund and Parent Company of the banking group "Intesa Sanpaolo" included in the National Register of Banking Groups

This is an English translation of the original Italian document. In cases of conflict between the English language document and the Italian document, the interpretation of the Italian language document prevails.

Pag.

prevails.

REPORT ON CORPORATE GOVERNANCE AND OWNERSHIP STRUCTURES
Introduction	7
OVERVIEW	11
THE GOVERNANCE OF INTESA SANPAOLO	33
Compliance with the Italian Corporate Governance Code	35
PART I – Ownership structure and investor relations	37
Information on ownership structure
SHARE CAPITAL - Securities traded on non-European markets - Own Share
SHAREHOLDER BASE - Main Shareholders - Shareholders' agreements
Policy for the management of dialogue with investors
Relations with shareholders and the financial community – The website
The Shareholders' Meeting: procedures and shareholders' rights - Intesa Sanpaolo's Shareholders' Meeting - Calling meetings and procedure at meetings - Additions to the agenda and submission of new proposed resolutions - Right to ask questions on items on the agenda - Participation and representation – The Designated Representative - Voting rights - Challenges against shareholder meeting resolutions - Right of withdrawal
PART II – Corporate governance system	45
The Board of Directors	45
POWERS OF THE BOARD OF DIRECTORS	46
COMPOSITION OF THE BOARD OF DIRECTORS - Composition, diversity and appointment - Term of office, replacement and removal - Chairman and Deputy Chairperson - Managing Director	47
SUITABILITY REQUIREMENTS - Independence requirements: Independent Directors - Management or control positions of Directors and time commitment - Board induction	52

CONFLICTS OF INTEREST - Introduction - Interests of Directors - Transactions with related parties and associated entities and obligations of Board Members and General Managers of the Bank	56
THE BOARD OF DIRECTORS' SELF-ASSESSMENT	57
FUNCTIONING OF THE BOARD OF DIRECTORS - Calling of meetings - Reports to Directors - Conduct of meetings and the decision-making process - Frequency of meetings and Director attendance - Corporate Bodies and Corporate Affairs Department	59
THE MANAGEMENT CONTROL COMMITTEE - Duties and powers - Composition and appointment - Term of office, replacement and removal - Suitability requirements - Functioning of the Committee - Self-assessment of the Committee	63
BOARD COMMITTEES: COMPOSITION AND OPERATION - Nomination Committee - Remuneration Committee - Risks Committee - Committee for Transactions with Related Parties	69
INFORMATION FLOWS BETWEEN AND TO CORPORATE BODIES	76
PROCESSING OF CORPORATE INFORMATION - Inside information and Insiders List - Internal Dealing	76
Remuneration	77
Operating structure - Divisions, Governance Areas and Head Office Departments reporting directly to the Managing Director and CEO - Group Managerial Committees	79
Diversity and inclusion policy	81
PART III – Control and risk management system	83
MAIN CHARACTERISTICS	83
THE ROLE OF THE CORPORATE BODIES	85
THE ROLE OF THE MANAGERIAL COMMITTEES	86
CORPORATE CONTROL FUNCTIONS - The Chief Audit Officer - The Chief Risk Officer - The Chief Compliance Officer	88
THE MANAGER RESPONSIBLE FOR PREPARING THE COMPANY'S FINANCIAL REPORTS AND THE MONITORING OF THE FINANCIAL REPORTING PROCESS	91
THE LEGAL AFFAIRS HEAD OFFICE DEPARTMENT – GROUP GENERAL COUNSEL	92
THE SURVEILLANCE BODY AND THE ORGANISATIONAL, MANAGEMENT AND CONTROL MODEL PURSUANT TO LEGISLATIVE DECREE 231/2001	92

INDEPENDENT AUDITING	94
PART IV – SUMMARY TABLES	97
Table no. 1: Composition of the Board of Directors and Committees
Table no. 2: Lists of other management and control offices of Board Directors in other companies and entities
APPENDIX	103
Table no. 1: "Check List"
Table no. 2: "Art. 123-bis - Report on corporate governance and ownership structures"
Glossary	121

CONFLICTS OF INTEREST 56

THE BOARD OF DIRECTORS' SELF-ASSESSMENT 57

FUNCTIONING OF THE BOARD OF DIRECTORS 59

THE MANAGEMENT CONTROL COMMITTEE 63

BOARD COMMITTEES: COMPOSITION AND OPERATION 69

INFORMATION FLOWS BETWEEN AND TO CORPORATE BODIES 76

PROCESSING OF CORPORATE INFORMATION 76

Remuneration 77

Operating structure 79

Diversity and inclusion policy 81

PART III – Control and risk management system 83

MAIN CHARACTERISTICS 83

THE ROLE OF THE CORPORATE BODIES 85

THE ROLE OF THE MANAGERIAL COMMITTEES 86

CORPORATE CONTROL FUNCTIONS 88

THE LEGAL AFFAIRS HEAD OFFICE DEPARTMENT – GROUP GENERAL COUNSEL 92

THE MANAGER RESPONSIBLE FOR PREPARING THE COMPANY'S FINANCIAL REPORTS AND THE MONITORING OF THE FINANCIAL REPORTING PROCESS 91

THE SURVEILLANCE BODY AND THE ORGANISATIONAL, MANAGEMENT AND CONTROL MODEL PURSUANT TO LEGISLATIVE DECREE 231/2001 92

Divisions, Governance Areas and Head Office Departments reporting directly to the
Transactions with related parties and associated entities and obligations of Board Members
Introduction
Interests of Directors
Calling of meetings - Reports to Directors
Duties and powers
Suitability requirements - Functioning of the Committee - Self-assessment of the Committee
Nomination Committee - Remuneration Committee
Risks Committee
Internal Dealing
Composition and appointment
Term of office, replacement and removal
Committee for Transactions with Related Parties
Inside information and Insiders List

Managing Director and CEO - Group Managerial Committees

The Chief Audit Officer - The Chief Risk Officer - The Chief Compliance Officer

and General Managers of the Bank

Conduct of meetings and the decision-making process - Frequency of meetings and Director attendance - Corporate Bodies and Corporate Affairs Department

Introduction

Our Report, available in the "Governance" section of the Company's website, as well as in the authorised storage mechanism eMarket Storage, intends to provide to the market, in accordance with Article 123-bis of the Consolidated Law on Finance, annual and detailed information on ownership structures, compliance with the Corporate Governance Code, the Corporate Bodies' structure and operation as well as the corporate governance practices implemented.

The Report also fulfils the disclosure obligations laid down for banks by the Supervisory Provisions on corporate governance.

The Report outlines the aspects of compliance with the Principles and Recommendations of the Code, which set out, respectively, the good governance objectives and the actions considered appropriate to achieve them, in line with the Code's requirement to apply its Recommendations on a "comply or explain" basis.

The Report is preceded by an executive summary ("Overview") setting out key information and data, including through charts and tables, to provide an "at a glance" view of Intesa Sanpaolo's corporate governance model and of the Bank's and the Group's management characteristics. The Report consists of four Parts:

Ownership structure and investor relations
Corporate governance system
Control and risk management system
Summary tables on the Bodies' structure.

Information on the provisions of the Code concerning remuneration is mainly contained in the Report on Remuneration.

For the reader's convenience, margin notes are provided alongside the text with the relevant Principles and Recommendations of the Code, together with the requirements of paragraph 1 (ownership structures) and paragraph 2 (corporate governance) of Article 123-bis.

The Appendix to the document contains two checklists containing, respectively, the Principles and Recommendations of the Code - indicating whether or not they apply (including with modifications) and the provisions of Article 123-bis. Both checklists refer to the page(s) of the Report in which the matter is discussed.

The checklists should be read together with the detailed information in the text of the Report on the application of the individual provisions.

Lastly, the Glossary provides the definitions of the terms and abbreviations used in the text.

The information contained in this Report, unless otherwise stated, is updated as at 1 March 2022, the date of its approval by the Board of Directors.

The Report was audited for consistency by the independent auditors EY, in accordance with the aforementioned Article 123-bis. Their findings are published in the Independent Auditors' Reports, prepared in accordance with Article 14 of Italian Legislative Decree No. 39/2010, and annexed to the Parent Company's and consolidated financial statements.

Overview

Intesa Sanpaolo is a Bank listed on the MTA market (Mercato Telematico Azionario) organised and managed by Borsa Italiana. The Company's purpose is to take deposits and carry out all forms of lending activities, both directly and through its subsidiaries, together with any other transactions supporting or related to the achievement of its corporate purpose.

Corporate Governance model

Intesa Sanpaolo has adopted the "one-tier" management and control model, whereby management and control duties are performed, respectively, by the Board of Directors and the Management Control Committee set up within it, both appointed by the Shareholders' Meeting.

Shareholders' Meeting

The Shareholders' Meeting expresses the corporate will, in ordinary and extraordinary sessions, on the matters assigned to it by the law or by the Articles of Association. It approves the financial statements, appoints the members of the Board of Directors and of the Management Control Committee and the related Chairmen, as well as one or more Board Deputy Chairpersons.

Board of Directors	Management Control Committee

The Board – consisting of 19 members, 14 of whom are independent – is responsible for the company's management and performs guidance and strategic supervision duties. The Board appoints, from among its members, the Managing Director, who oversees the management of the company and the implementation of the Board's resolutions. It also appoints the Board Committees.

The Committee – consisting of 5 Members, all independent – exercises the powers and functions assigned by the applicable legislation to the control body and to the internal control committee, pursuant to Italian Legislative Decree No. 39/2010.

Board Committees

The Board Committees support with proposal-making, advisory and inquiry duties, each acting within its remit, the Board of Directors in performing its functions.

Nomination Committee

The Nomination Committee performs inquiry and advisory duties on the appointment and composition of the Board and on the appointment of the bodies of the main subsidiaries.

Remuneration Committee

The Remuneration Committee proposes, advises and inquires on compensation and on remuneration and incentive systems.

Risks Committee

The Risks Committee proposes, advises and inquires on risk governance and the organisation and operation of the internal control system. It also provides support on sustainability issues (ESG).

Committee for Transactions with Related Parties

The Committee for Transactions with Related Parties performs the tasks and duties assigned to it by the RPT Procedures, in accordance with the provisions laid down by the Consob Regulation on related parties and the Bank of Italy

BOARD OF DIRECTORS			MANAGEMENT CONTROL COMMITTEE

	i	m	Alberto Maria Pisani (C)
Gian Maria Gros-Pietro (C)			Fabrizio Mosca
Paolo Andrea Colombo (DC)	•		Milena Teresa Motta
Carlo Messina (CEO)			Maria Cristina Zoppo
Franco Ceruti Rossella Locatelli	•		Roberto Franchini
Luciano Nebbia
Bruno Picca
Livia Pomodoro	•
Maria Alessandra Stefanelli	•
Guglielmo Weber	•
Daniele Zamboni	•	•
Maria Mazzarella	•	•
Anna Gatti	•	•
Andrea Sironi (*)	•
Fabrizio Mosca	•
Milena Teresa Motta	•
Maria Cristina Zoppo	•
Alberto Maria Pisani	•	•
Roberto Franchini (*)	•	•

i Independent Director

^m Director elected from the minority slate (*

) appointed by the Shareholders' Meeting of 27 April 2020 after the resignation of two Directors. Director Andrea Sironi resigned from office, effective 28 February 2022.

BOARD COMMITTEES

NOMINATION COMMITTEE

Livia Pomodoro (C) Paolo Andrea Colombo Gian Maria Gros-Pietro Maria Mazzarella Bruno Picca

REMUNERATION COMMITTEE(*)

Paolo Andrea Colombo

(C) Franco Ceruti Anna Gatti Luciano Nebbia Andrea Sironi

RISKS COMMITTEE

Rossella Locatelli (C)

Franco Ceruti Bruno Picca Guglielmo Weber Daniele Zamboni

COMMITTEE FOR TRANSACTIONS WITH RELATED PARTIES

Daniele Zamboni (C) Rossella Locatelli Maria Mazzarella Andrea Sironi Maria Alessandra Stefanelli

(*) On 1 March 2022, Maria Alessandra Stefanelli was appointed member of the Remuneration Committee,replacing DirectorAndrea Sironi, who resigned from office.

Intesa Sanpaolo's one-tier governance model presents distinctive characteristics and significant advantages, summarised below, which are set out in detail both in this Overview and in the Report.

Composition of the Bodies	♦ Size appropriate to the Group's significance and complexity ♦ All non-executive Directors except for the Managing Director ♦ Wide majority of Independent Directors ♦ Qualified representation of minorities ♦ Full respect for diversity, including within the Board Committees ♦ Balancing and diversification of professional qualifications and skills, constantly updated and strengthened through specific induction plans ♦ Availability of time and commitment to their role by Directors
Allocation of functions	♦ Centralisation of strategic supervision and management functions within the Board ♦ Integration within the Board of the strategic supervision function with ex ante control activity ♦ Clear definition of the roles, duties and powers of the Board, Board Committees, Chairs and Managing Director ♦ Clear structure of the Board Committees – mostly composed of Independent Directors – and distribution of roles, tasks and responsibilities in line with the one-tier governance model
Decision-making process	♦ Sole discretion of the Board in key decisions ♦ Challenge role of the Board of Directors vis-à-vis the Managing Director and the Key Managers ♦ Structured analysis of proposals by the Board Committees ♦ Immediate circulation of information between the Bodies ♦ Important role of the Chairman in encouraging effective debate within the Board ♦ System of adequate and timely information flows, within the Bodies and between the Bodies and the corporate functions
Supervision and control	♦ More direct relationship between the Board, which decides and monitors the strategic guidelines, and the Managing Director, who proposes and implements them ♦ Enhancement of the effectiveness of the control function, centralised in the Management Control Committee established within the Board ♦ Proactive role of the Management Control Committee ♦ Increasing interaction between the Management Control Committee and the Risks Committee for the areas where this is required by the applicable legislation

Rossella Locatelli (C)

COMMITTEE FOR TRANSACTIONS WITH RELATED

Daniele Zamboni (C) Rossella Locatelli Maria Mazzarella Andrea Sironi

Maria Alessandra Stefanelli

PARTIES

) appointed by the Shareholders' Meeting of 27 April 2020 after the resignation of two Directors. Director Andrea Sironi resigned from office, effective 28 February 2022.

Alberto Maria Pisani (C)

MANAGEMENT CONTROL COMMITTEE

Fabrizio Mosca Milena Teresa Motta Maria Cristina Zoppo Roberto Franchini

Franco Ceruti Bruno Picca Guglielmo Weber Daniele Zamboni

COMMITTEE

RISKS

BOARD COMMITTEES

REMUNERATION COMMITTEE(*)

^m Director elected from the minority slate (

i m

Gian Maria Gros-Pietro (C) Paolo Andrea Colombo (DC) •

Rossella Locatelli •

Livia Pomodoro • Maria Alessandra Stefanelli • Guglielmo Weber • Daniele Zamboni • • Maria Mazzarella • • Anna Gatti • • Andrea Sironi (*) • Fabrizio Mosca • Milena Teresa Motta • Maria Cristina Zoppo • Alberto Maria Pisani • • Roberto Franchini (*) • •

Carlo Messina (CEO)

OF DIRECTORS

Composition of the Corporate Bodies

Franco Ceruti

BOARD

Luciano Nebbia Bruno Picca

i Independent Director

Paolo Andrea Colombo

(C)

(*) On 1 March 2022, Maria Alessandra Stefanelli was appointed member of the Remuneration Committee,replacing DirectorAndrea

Franco Ceruti Anna Gatti Luciano Nebbia Andrea Sironi

NOMINATION COMMITTEE

Livia Pomodoro (C) Paolo Andrea Colombo Gian Maria Gros-Pietro Maria Mazzarella Bruno Picca

Sironi, who resigned from office.

Board of Directors, Management Control Committee and Board Committees

	Board of Directors	Management Control Committee
Appointment	30 April 2019
Term of office	Three financial years
Expiry		Date of the Shareholders' Meeting for approval of the financial statements as at 31/12/2021
Members	19	5
Directors elected by the minority	5 (26%)	2 (40%)
Directors, less-represented gender	7 (37%)	2 (40%)
Executive Directors	1	-
Independent Directors	14 (74%)	5 (100%)
Average age of Directors	64	60
Average age of Independent Directors	62	60
Chairman's status	Non-executive	Non-executive

Board of Directors' breakdown

framework of the previous two-tier

governance model

Distinctive skills and expertise within the Board of Directors

Without prejudice to the general expertise required for all areas envisaged by the applicable legislation, the information provided refers to the skills declared by the individual Directors at a distinctive level, for their assessment by the Board at the time of their appointment. The indicated skills and expertise were subsequently strengthened and expanded through training programmes and the intensive induction plan for Board members, described in Part II of the Report.

Board induction

(*) in addition to 4 informal brainstorming meetings on the drafting of the 2022/2025 Business Plan

Thematic areas examined in the Board of Directors' meetings in 2021

Thematic areas examined in the Management Control Committee's meetings in 2021

Thematic areas examined in the Risks Committee's meetings in 2021

Board of Directors' meetings in 2021

Thematic areas examined in the Board of Directors' meetings in 2021

Relations with Supervisory Authorities

Governance, Personnel and Organisation, Remuneration

Financial statements, CNFS, ICAAP, Budget and Business Plan

Thematic areas examined in the Management Control Committee's meetings in 2021

Internal control system

COVID emergency

Equity investments

Controls and risks, RAF

Loans and finance

Other

13%

19%

10%

12%

14%

15%

16%

21%

24%

39%

23%

25%

Thematic areas examined in the Risks Committee's meetings in 2021

Risk governance and management

Information systems and business continuity

Business model, strategic guidelines and risk appetite

Administrative-accounting, financial statements and auditing system

Governance and organisational structure

Most significant transactions

Internal control system

Governance and organisational structure

Compliance with anti-money laundering regulations

IT systems, Risk Management and Business Continuity

Administrative-accounting and auditing system

Relations with Supervisory Authorities and action plan monitoring

Compliance with regulations and principles of correct management

Activity conducted as Parent Company

J	F	M	A	M	J	J	A	S	O	N	D
•	••	•••	•	•••	••	•••	••	••	•	•••	••
Total											25
Average length (h)								3h 20
	Attendance rate										99.8%
Independent Directors' meetings							1
		Meetings scheduled for 2022 (*)									10

• = number of monthly meetings

(*) until 29 April, the end date of the Board's term of office, and including the meetings included in the financial calendar for 2022

Management Control Committee's meetings in 2021

J	F	M	A	M	J	J	A	S	O	N	D
••••	••••••	••••	•••••	••••	••••	••••••	-	••	••••	••••	•••
Total											46
	Average length (h)										5
	Attendance rate										99.6%
	Meetings scheduled for 2022 (*)										18

• = number of monthly meetings

(*) until 29 April, date of termination of the Committee in office

Board Committees

Committee	Members	Less represented gender	Independent Members	Number of meetings in 2021	Average length of meetings (h)
Nomination Committee	5	2(*)	3	10	30'
Remuneration Committee	5	1	3	20	1h 20
Risks Committee	5	1(*)	3	52	5h 40
Committee for Transactions with Related Parties	5	3	5	15	50'

(*) including the Chair

Board Evaluation

Performance	Self-assessment Regulations	External consultant
Yes	Yes	Yes, professional assistance of Crisci & Partners, independent consulting company and expert on corporate governance practices

The self-assessment is conducted annually by both the Board of Directors and the Management Control Committee; for details, see the chapters on the two Bodies.

We provide below a diagram summarising the Board's self-assessment process, followed by a summary of positive findings and progress made, as well as some practices that should be developed further.

Results of the Self-assessment: adequacy and best practices

more than adequate management of the problems caused by the continuation of the pandemic into 2021, through attention to people and their safety, to the relevance of the Bank's social role and by ensuring the continuity and efficiency of operations
success of the UBI Group integration process

Board Evaluation

Yes Yes

developed further.

Information Collection

Performance Self-assessment Regulations External consultant

Committee; for details, see the chapters on the two Bodies.

Gathering of information on the qualitative-quantitative composition and functioning of the Body. According to the aspects considered, this stage involves the gathering of information already available to the Bank, as well as the use

Analysis and consolidation of the information gathered in the previous stage, while ensuring the

Nomination Committee review

and their collective discussion

Presentation of the findings from the data processing

Preparation of the Document "Results of the Board of Directors' Self-assessment", which summarises the methodologies adopted and the results achieved

Presentation of the Document to the BoD certifying the adequacy of the size, composition and operations of the Board and of the Committees, taking into account the

Self-assessment Results (see box below)

Formalisation of the results

BoD review

findings gathered

of questionnaires and individual interviews

anonymity of the Directors

Data Processing

The self-assessment is conducted annually by both the Board of Directors and the Management Control

We provide below a diagram summarising the Board's self-assessment process, followed by a summary of positive findings and progress made, as well as some practices that should be

Yes, professional assistance of Crisci & Partners, independent consulting company and expert on

corporate governance practices

strong appreciation for the time, commitment and attention put into the Business Plan and its development
adequate Board size and high profile in terms of the experience, professionalism, knowledge and expertise of its members. This enabled the Board to carry out analysis, approve strategic lines and objectives, ensure risk governance and monitor the activities and the pursuit of the Bank's sustainable success
positive overall balance ensured by Independent Directors
well-planned induction initiatives, despite the difficulties caused by the pandemic, focused on relevant and useful topics and delivered to an excellent standard, also in line with the Directors' indications
the documentation supporting the work is complete, organised, usable and timely; excellent participation and quality of management support in meetings
interaction among Board Members shows excellent levels of dialogue, collaboration and mutual trust
appropriate composition of Committees, whose opinions and recommendations have been rated as highly appropriate in providing timely and effective information and decision-making support to Board members for the matters under their remit
excellent information flows in terms of structure, timeliness and continuity, between the Bodies
strong appreciation of the Chairman and CEO for their standing and representativeness, entrepreneurial vision, attention to personnel and the social sphere, commitment and drive to deliver results
excellent quality and support provided by the secretariat

Practices that need to be further developed

Optimal qualitative/quantitative composition of the new Board

♦ the Board Committees should focus more explicitly on ESG (Environmental, Social and Governance) issues, in light of the Bank's commitment - also acknowledged by international indexes - to sustainability, social issues and quality of governance

♦ the frequency of meetings reserved for Independent Directors should be increased

Since 2021 was the last year of the three-year term of office, the board review forms the basis for the outgoing Board's remarks on the qualitative/quantitative composition deemed optimal for the new Board. These remarks are not included in the Governance Report but are provided in a separate document addressed to the Bank's shareholders, published on the website.

Remuneration

The following table shows the remuneration of the members of the Corporate Bodies for financial years 2019-2021, as resolved by the Shareholders' Meeting of 30 April 2019 and by the Board of Directors' meeting of 24 May 2019, pursuant to the Articles of Association and in line with the Remuneration Policies approved by the same Shareholders' Meeting. The foregoing without prejudice to the reimbursement of any expenses incurred due to their office.

Role	Gross annual remuneration (euro)	Attendance fee (euro)

Board Member who is not also a member of the Management Control Committee	120,000	/
Chairman of the Board of Directors (additional remuneration)	800,000	/
Deputy Chairperson of the Board of Directors (additional remuneration)	150,000	/
Board Member who is also a member of the Management Control Committee	260,000	/
Chair of the Management Control Committee (additional remuneration)	65,000	/
Managing Director (additional remuneration) (*)	500,000	/
Members of Committees appointed by the Board	/	2,500
Chairs of Committees appointed by the Board	60,000	/

(*) The Managing Director, in his/her capacity as General Manager, is also entitled to receive a gross annual remuneration, set at 2,000,000 euro by the Supervisory Board as from 1 March 2016, to participate in the incentive system and the supplementary pension scheme, and to receive the additional fringe benefits for the position determined by the Board of Directors in accordance with the Remuneration and Incentive Policies for employees.

For further information and details, see the Report on Remuneration.

Control and risk management system

The internal control system is a set of rules, functions, structures, resources, processes and procedures aimed at achieving the following objectives:

Remuneration

remuneration)

Board

(additional remuneration)

(euro) Attendance fee (euro)

120,000 /

800,000 /

150,000 /

260,000 /

65,000 /

/ 2,500

reimbursement of any expenses incurred due to their office.

Board Member who is not also a member of the

Chairman of the Board of Directors (additional

Deputy Chairperson of the Board of Directors

Board Member who is also a member of the

Chair of the Management Control Committee

Members of Committees appointed by the

Management Control Committee

Role Gross annual remuneration

Managing Director (additional remuneration) (*) 500,000 /

Chairs of Committees appointed by the Board 60,000 /

For further information and details, see the Report on Remuneration.

verification of the implementation of Company strategies and policies;
containment of risks within the limits indicated by the Bank (Risk Appetite Framework);
safeguarding of asset value and protection from losses;
effectiveness and efficiency of the Company processes;
reliability and security of Company information and IT procedures;
prevention of the risk that the Bank may be involved, including involuntarily, in illegal activities;
compliance of business operations with the law and supervisory regulations, as well as internal policies, procedures and regulations.

The Corporate Bodies ensure the completeness, adequacy, functionality and reliability of the internal control system at Group level, in compliance with the Supervisory Provisions on the control system and with the Supervisory Provisions on corporate governance.

The Board of Directors defines and approves the guidelines of the internal control system, the risk appetite, and the risk management policies and processes

The Risks Committee supports the Board in the performance of its strategic supervision and guidance duties on the internal control system and risk matters

The Management Control Committee monitors the completeness, adequacy, functionality and reliability of the internal control system and the risk appetite framework (RAF)

The Managing Director and CEO carries out the Board's resolutions implementing the strategic guidelines, the RAF and the risk governance policies, and ensures integrated management of all corporate risks

The Surveillance Body – composed of parties external to the Bank and vested with independent initiative and control powers – supervises the operation, effectiveness and compliance with Model 231 adopted by the Bank, pursuant to Italian Legislative Decree 231/2001 on the administrative liability of companies, and supports the competent Bodies when implementing or amending the Model.

The internal control system is based on three levels:

Level I

This level consists of line controls designed to ensure the proper conduct of the operations. Where possible, these controls are embedded in the IT procedures. These controls may be carried out directly by the Operating and Business Structures (so-called "Level I functions"), including through units dedicated solely to control duties, or implemented in the back office.

Level II

This level consists of risk and compliance controls to ensure, inter alia, the correct implementation of the risk management process; observance of the operating limits assigned to the various functions; compliance of company operations with the rules, including selfgovernance rules. These controls are overseen by the Chief Compliance Officer Governance Area, to which the Anti Financial Crime Head Office Department also reports, and by the Chief Risk Officer Governance Area, to which the Internal Validation and Controls Head Office Department reports; these Structures (so-called "Level II control functions") are separate from the operating structures and from internal audit.

Level III

This level consists of internal audit controls – assigned to the Chief Audit Officer – to identify breaches of procedures and regulations, and to assess periodically the completeness, adequacy, functionality (in terms of efficiency and effectiveness) and reliability of the organisational structure of the other components of the internal control system and information system at Group level.

The main activities under level III and II controls are described below:

Chief Audit Officer

Ensuring ongoing independent monitoring of the regular performance of the Bank and Group operations and processes, evaluating the functionality of the internal control system
Providing advice to the Group's corporate functions
Ensuring supervision of the subsidiaries' internal control system
Supporting corporate governance and ensuring that the Corporate Bodies and the competent Supervisory Authorities (ECB, Bank of Italy, Consob, etc.) promptly and systematically receive information on the control system

Chief Compliance Officer	Chief Risk Officer
• Ensuring monitoring of Group regulatory compliance risk • Defining guidelines and policies on Group regulatory compliance • Coordinating the implementation of guidelines and policies on regulatory compliance • Collaborating with the other corporate control functions to achieve effective integration of the risk management process • Managing relations with the Corporate Bodies and Supervisory Authorities on compliance issues	• Governing the process of RAF definition, approval, control and implementation • Assisting the Corporate Bodies in defining risk management guidelines and policies • Coordinating the implementation of risk management guidelines and policies by the Group units • Ensuring the measurement and control of Group exposure to the various types of risk • Ensuring the monitoring of credit quality • Validating internal risk measurement systems

Chief Compliance Officer

Chief Risk Officer

• Ensuring monitoring of Group regulatory compliance risk
• Defining
guidelines
and
policies
on
Group
regulatory
compliance
• Coordinating the implementation of guidelines and policies on
regulatory compliance
• Collaborating with the other corporate control functions to
achieve effective integration of the risk management process
• Managing relations with the Corporate Bodies and Supervisory
Authorities on compliance issues

• Governing the process of RAF definition, approval, control and
implementation
• Assisting the Corporate Bodies in defining risk management
guidelines and policies
• Coordinating the implementation of risk management guidelines
and policies by the Group units
• Ensuring the measurement and control of Group exposure to
the various types of risk
• Ensuring the monitoring of credit quality
• Validating internal risk measurement systems

The detailed description of the internal control and risk management system as well as of the roles of the Corporate Bodies and Structures involved is contained in Part III of this Report.

Share capital and ownership structure

Level I

The internal control system is based on three levels:

The main activities under level III and II controls are described below:

Italy, Consob, etc.) promptly and systematically receive information on the control system

Level II

Level III

Chief Audit Officer • Ensuring ongoing independent monitoring of the regular performance of the Bank and Group operations and processes, evaluating

• Supporting corporate governance and ensuring that the Corporate Bodies and the competent Supervisory Authorities (ECB, Bank of

Chief Compliance Officer Chief Risk Officer

The detailed description of the internal control and risk management system as well as of the roles of

the Corporate Bodies and Structures involved is contained in Part III of this Report.

implementation

guidelines and policies

the various types of risk

and policies by the Group units

• Ensuring the monitoring of credit quality • Validating internal risk measurement systems

• Governing the process of RAF definition, approval, control and

• Assisting the Corporate Bodies in defining risk management

• Coordinating the implementation of risk management guidelines

• Ensuring the measurement and control of Group exposure to

the functionality of the internal control system • Providing advice to the Group's corporate functions

• Ensuring supervision of the subsidiaries' internal control system

• Coordinating the implementation of guidelines and policies on

• Collaborating with the other corporate control functions to achieve effective integration of the risk management process • Managing relations with the Corporate Bodies and Supervisory

• Ensuring monitoring of Group regulatory compliance risk • Defining guidelines and policies on Group regulatory

compliance

regulatory compliance

Authorities on compliance issues

Intesa Sanpaolo's share capital amounts to 10,084,445,147.92 euro, divided into 19,430,463,305 ordinary shares without nominal value as set out below:

	No. of shares	% share capital	Listing	Rights
Ordinary shares	19,430,463,305	100%	Borsa Italiana MTA	Right to attend and vote at Ordinary and Extraordinary Shareholders' Meetings (each share carries one voting right)
Other information YES NO
Restrictions on voting rights x
Securities granting special rights x
Limitations on share ownership x
Restrictions on share transfers x
Employee share ownership x
Shareholders' agreements (*) x
Minimum shareholding for submission of slates 0.5%

(*) shareholders' consultation and voting agreement referred to the Shareholders' Meeting of Intesa Sanpaolo scheduled for 29 April 2022 (see Part I of the Report)

According to the entries in the Shareholders' Register and other available information concerning the dividends paid, the approximate number of Intesa Sanpaolo shareholders is 373,300; the chart below shows the trend in their number

( 1) This figure is an estimate based on the mass survey of the Intesa Sanpaolo shareholder base available (May 2019), plus the evidence from the subscriptions to the Public Purchase and Exchange Offer on UBI Banca shares ( 2 ) This figure refers to the coupon presentation date of the distribution of part of the extraordinary reserve for the 2020 results, as decided by the Ordinary Shareholders' Meeting held on 14 October 2021.

The list of the main shareholders is provided in Part I of the Report.

The following chart shows the ownership structure by geographical area, type of shareholders and size of shareholding, on the basis of the names of the recipients of the part of the Extraordinary Reserve distributed from the 2020 net income, provided by the intermediaries (coupon presentation date 18 October 2021).

Ownership structure by geographical area

Ownership structure by type of shareholders

Foreign institutional

Ownership structure by size of shareholding

Number of shareholders	Size of shareholding	Number of shares (%)

310,091	1 - 10,000	786,876,579 (4.05)
56,201	10,001 - 100,000	1,562,248,145 (8.04)
4,947	100,001 - 500,000	1,024,663,226 (5.27)
783	500,001 - 1,000,000	551,336,876 (2.84)
875	1,000,001 - 5,000,000	1,950,323,109 (10.04)
431	> 5,000,001	13,395,843,138 (68.94)

Shareholders' Meeting

40.84%

Italy

Continental Europe

USA and Canada

UK and Ireland

Rest of the world

Individual reports not

shareholders Size of shareholding Number of shares (%)

310,091 1 - 10,000 786,876,579 (4.05) 56,201 10,001 - 100,000 1,562,248,145 (8.04) 4,947 100,001 - 500,000 1,024,663,226 (5.27) 783 500,001 - 1,000,000 551,336,876 (2.84) 875 1,000,001 - 5,000,000 1,950,323,109 (10.04) 431 > 5,000,001 13,395,843,138 (68.94)

Foreign institutional

Retail shareholders

Italian institutional

Individual reports not

Other Italian investors

Foundations of banking

investors

available

investors Own shares

available

origin

October 2021).

Ownership structure by geographical area

8.75%

18.13%

Ownership structure by type of shareholders

0.48%

27.24%

16.87%

Ownership structure by size of shareholding

17.20% 58.26%

6.21% 0.16% 0.82%

4.22% 0.82%

Number of

The Shareholders' Meeting is one of the main opportunities for Intesa Sanpaolo to engage in contact and dialogue with shareholders and, conversely, for shareholders to participate actively in the Bank's operations and express their will, in the manner and on the topics established by law and the Articles of Association.

The Shareholders' Meeting can be Ordinary or Extraordinary. The Ordinary Shareholders' Meeting, whose duties include approving the financial statements, must be called at least once a year, no later than one hundred and eighty days after the end of the financial year. The Extraordinary Shareholders' Meeting is called to approve amendments to the Articles of Association (without prejudice to the Board's power to align the Articles of Association with the law), merger and demerger transactions in the cases provided for by law, and on any other matter within its purview pursuant to the law.

In 2021, two Shareholders' Meetings were held: the Ordinary and Extraordinary Shareholder's Meeting of 28 April and the Ordinary Shareholders' Meeting of 14 October.

All the resolutions tabled were approved; below are the items on the agenda with the respective percentages of votes in favour.

	Shareholders' Meeting of 28 April	% votes in favour
	Financial Statements  Approval of the Parent Company's 2020 Financial Statements  Allocation of net income for the year and distribution to shareholders of the dividend and part of the Share Premium Reserve;	99.64% 99.87%
		91.78%
Ordinary part	Remuneration  Report on remuneration policy and compensation paid: Section I – Remuneration and incentive policies of the Intesa Sanpaolo Group for 2021  Report on remuneration policy and compensation paid: non-binding resolution on Section II - Disclosure on compensation paid in financial year 2020  Extension of the increase in the cap on the non-recurring to recurring remuneration in the context of the package offered to the newly recruited Financial Advisors of the Intesa Sanpaolo Group;  Approval of the 2021 Annual Incentive Plan based on financial instruments  Update of the 2018-2021 POP (Performance Call Option) Long-term Incentive Plan for Top Management, Risk Takers and Key Managers  Directors' and Officers' Liability Insurance	93.75%
		99.59%
		98.82%
		64.92%
		97.84%
	Own shares  Authorisation to purchase and dispose of own shares to serve Incentive Plans
	 Authorisation to purchase and dispose of own shares for trading purposes	97.29%

Extraordinary part	Amendments to the following Articles of the Articles of Association: Articles 2 (Registered office), 13 (Board of Directors and Management Control Committee), 14 (Election of the Board of Directors), 17 (Meetings and resolutions of the Board of Directors), 18 (Powers of the Board of Directors), 19 (Chairman of the Board of Directors), 29 (Financial statements and net income); repeal of Title VIII of the Articles of Association (Transitory and final rules comprising Articles 34 and 35)	99.82%

	Shareholders' Meeting of 14 October	% votes in favour
Ordinary part	Resolutions regarding reserves  Distribution of part of the Extraordinary reserve for the 2020 results  Placing of a tax suspension constraint on part of the Share premium reserve, following the tax realignment of certain intangible assets	99.92% 99.99%

The full text of the resolutions adopted by the Shareholders' Meetings is contained in the minutes published on the Bank's website ("Governance" / "Shareholders' Meeting"), where the meeting reports and documents submitted to the Shareholders' Meetings are also published, along with the summary report of the respective votes.

For both of the Shareholders' Meetings held in 2021, in light of the Covid-19 health emergency, Intesa Sanpaolo took all the necessary arrangements to ensure:

♦ protection of the safety and health of the Company's shareholders, employees, management body members and advisors
♦ the exercise of the shareholders' rights.

The arrangements made for the meetings were suitably communicated in the respective notices of call.

To avoid the risks associated with the continuing health emergency and ensure compliance with the applicable legislation (Legislative Decree No. 18 of 17 March 2020, converted by Law No. 27 of 24 April 2020, as subsequently amended)

♦ the role of the Designated Representative pursuant to Article 135 undecies of the Consolidated Law on Finance was strengthened: participating and voting in the Shareholders' Meeting by the entitled parties was allowed exclusively through Computershare S.p.A., without in-person attendance; where a proxy was issued through the ad hoc IT platform, the deadline for issuing proxies was extended, for the shareholders' benefit, to 12:00 noon of the day prior to the Shareholders' Meeting
♦ the members of the Corporate Bodies participated remotely: at the Turin office, where the Shareholders' Meetings were convened, only the Chairman, the Designated Representative and the Secretary (Notary) were present in person.

Taking into account the particular method of participation by the shareholders, Intesa Sanpaolo

♦ enabled shareholders with voting rights to submit, on the matters permitted by the law, proposals for resolution and/or voting on the items on the agenda, which were then published on the website, to enable all shareholders with voting rights to appoint proxies and give them voting instructions in an informed manner, also taking into account any new proposals submitted by the deadline
♦ brought forward the deadline for submitting pre-meeting questions to the record date, and published said questions and their answers in an ad hoc section of the website before the deadline for exercising the right to vote through the Designated Representative.

The next Shareholders' Meeting will be held on 29 April 2022.

Shareholders' rights

request.

Shareholders' Meeting of 14 October % votes in

subsequently amended)

prior to the Shareholders' Meeting

shareholders, Intesa Sanpaolo

Secretary (Notary) were present in person.

♦ the role of the Designated Representative pursuant to Article 135 undecies of the Consolidated Law on Finance was strengthened: participating and voting in the Shareholders' Meeting by the entitled parties was allowed exclusively through Computershare S.p.A., without in-person attendance; where a proxy was issued through the ad hoc IT platform, the deadline for issuing proxies was extended, for the shareholders' benefit, to 12:00 noon of the day

♦ the members of the Corporate Bodies participated remotely: at the Turin office, where the Shareholders' Meetings were convened, only the Chairman, the Designated Representative and the

Taking into account the particular method of participation by the

♦ enabled shareholders with voting rights to submit, on the matters permitted by the law, proposals for resolution and/or voting on the items on the agenda, which were then published on the website, to enable all shareholders with voting rights to appoint proxies and give them voting instructions in an informed manner, also taking into account any new proposals submitted by the deadline ♦ brought forward the deadline for submitting pre-meeting questions to the record date, and published said questions and their answers in an ad hoc section of the website before the deadline for exercising the right to vote through the Designated Representative.

Placing of a tax suspension constraint on part of the Share premium reserve, following

Distribution of part of the Extraordinary reserve for the 2020 results

the tax realignment of certain intangible assets

Ordinary

part

Resolutions regarding reserves

report of the respective votes.

For both of the Shareholders' Meetings held in 2021, in light of the Covid-19 health emergency, Intesa Sanpaolo took all the necessary arrangements to

♦ protection of the safety and health of the Company's shareholders, employees, management body

♦ the exercise of the shareholders'

The arrangements made for the meetings were suitably communicated

The next Shareholders' Meeting will be held on 29 April 2022.

members and advisors

in the respective notices of call.

ensure:

rights.

favour

99.92% 99.99% The Meeting may be attended by persons holding voting rights at the close of the accounting day on the seventh trading day prior to the date of the meeting on first or single call (record date), who have sent the Company a notice of participation through the authorised intermediary. Those entitled to vote may be represented at the Shareholders' Meeting by a proxy. Moreover, for each Shareholders' Meeting, Intesa Sanpaolo appoints a "Designated Representative", giving information thereof in the notice of call. The entitled persons may appoint him/her as their proxy free of charge, with voting instructions on all or some of the agenda items. Shareholders severally or jointly representing at least one-fortieth of the share capital may, within ten days of publication of the notice of call, request additions to the list of items on the agenda or submit proposals for resolutions on items already on the agenda, specifying the additional items or proposals in their Those entitled to vote may ask questions concerning items on the agenda even prior to the Shareholders' Meeting, by the deadline stated in the notice of call. Answers to questions received prior to the Meeting are given during the Meeting at the latest. The Shareholders' Meeting is called by notice(1) published on the Bank's website at least thirty days prior to the meeting date, and, in extract, in daily newspapers. If the Shareholders' Meeting is called to appoint Board Directors, the notice must be published by an earlier deadline of forty days prior to the meeting date(2).

(1) The notice of call provides detailed information on the day, time and place of the meeting, as well as the items on the agenda; it also provides information on the procedures for participating and voting at the Shareholders' Meeting, the record date, the terms and methods for asking questions on items on the agenda, and the terms and methods for obtaining the Meeting documentation. The Shareholders' Meeting reports and documents to be submitted to the Meeting are made available to the public at the Bank's registered office and in the dedicated section of its website ("Governance" / "Shareholders' Meeting") – accessible directly from the homepage – by the deadline for publication of the notice of call set according to the items on the agenda and in any event by the deadline established by law.
(2) In this case, shareholders holding at least 0.5% of the share capital (or any other lower percentage under applicable legislation) may submit a slate of candidates for the position of Director containing from a minimum of 2 (two) to a maximum of 19 (nineteen) names. The slate of candidates must be filed with the registered office at least 25 calendar days before the day scheduled for the Shareholders' Meeting on first call and is made available to the public by the Company at its registered office, on its website and in any other way required by applicable law at least 21 days before the date of the Meeting.

Intesa Sanpaolo considers the dialogue between the Board of Directors and the shareholders/investors to be key to achieving the company's sustainable success.

The "Policy for the management of dialogue with investors" sets out the principles that specifically govern the dialogue of the Board of Directors with investors (meaning investors, including potential investors, other than individuals and, in the case of individuals, only the holders of Intesa Sanpaolo shares) and proxy advisors.

The text of the "Policy" is published on the website; detailed information on the Policy is provided in Part I of the Report.

Shareholders' majorities

At Intesa Sanpaolo, the quorum required for the validity of the Shareholders' Meetings and of its resolutions – both in ordinary and extraordinary session – is that determined by applicable regulations.

The quorum required for Shareholders' Meetings is the proportion of share capital that must be represented in order for the Meeting to be declared valid. Voting majorities refer to the proportion of share capital required for the shareholders' resolutions to be approved.

The Shareholders' Meeting is usually held in single call, with the application of the following quorums:

Ordinary Shareholders' Meeting	Single call

Quorum	The proportion of share capital represented by the entitled parties attending
Voting majority (*)	Absolute majority of the share capital represented at the Meeting

(*) Pursuant to the Supervisory Provisions on remuneration, the Board's proposal regarding the setting of a limit higher than 100% (1:1 ratio) for the ratio between the variable and the fixed component of the individual remuneration of key personnel is approved by the ordinary Shareholders' Meeting when: (i) the meeting is held with at least half of the share capital and the resolution is taken with the favourable vote of at least 2/3 of the share capital represented at the meeting; or (ii) the resolution is passed with a favourable vote of at least 3/4 of the share capital represented at the meeting, regardless of the quorum with which it was called. The foregoing is without prejudice to the provisions of the Articles of Association for the election of the Board and the Management Control Committee; on this point, reference is made to the detailed description contained in Part II of the Report.

Extraordinary Shareholders' Meeting	Single call

Quorum	Any number of entitled parties representing at least one-fifth of the share capital
Voting majority	At least two-thirds majority of the share capital represented at the Meeting

Share capital attendance at the Shareholders' Meeting in the last five years

The sustainability commitment

In setting long-term growth and value creation objectives, Intesa Sanpaolo is aware of the social and environmental impact of its business activities. Therefore, the Group promotes a style of development that concentrates on the long-term sustainability of results, paying constant attention to its employees and customers, supporting the economies and communities in the areas in which it operates, placing special focus on environmental protection and enhancement, and on the fight against climate change.

Intesa Sanpaolo is committed to strengthening its leadership in corporate social responsibility, aiming to become a reference model in terms of sustainability and social and cultural responsibility.

In order to establish a framework of values and principles, and to provide disclosures on various issues related to sustainability/ESG (Environmental, Social and Governance), Intesa Sanpaolo adopts and publishes specific documents, including the Code of Ethics and the Consolidated Non-financial Statement pursuant to Italian Legislative Decree No. 254/2016 (CNFS), to which reference is made, as well as various policies regarding specific areas of the Bank's activities (human rights, the environment, loans to specific sectors).

t
1	1
4
f

Shareholders' majorities

Extraordinary Shareholders'

58% 64%

The quorum required for Shareholders' Meetings is the proportion of share capital that must be represented in order for the Meeting to be declared valid. Voting majorities refer to the proportion of

The Shareholders' Meeting is usually held in single call, with the application of the following quorums:

Ordinary Shareholders' Meeting Single call

Quorum The proportion of share capital represented by the entitled parties attending

Voting majority (*) Absolute majority of the share capital represented at the Meeting (*) Pursuant to the Supervisory Provisions on remuneration, the Board's proposal regarding the setting of a limit higher than 100% (1:1 ratio) for the ratio between the variable and the fixed component of the individual remuneration of key personnel is approved by the ordinary Shareholders' Meeting when: (i) the meeting is held with at least half of the share capital and the resolution is taken with the favourable vote of at least 2/3 of the share capital represented at the meeting; or (ii) the resolution is passed with a favourable vote of at least 3/4 of the share capital represented at the meeting, regardless of the quorum with which it was called. The foregoing is without prejudice to the provisions of the Articles of Association for the election of the Board and the Management

Meeting Single call

Quorum Any number of entitled parties representing at least one-fifth of the share capital

Voting majority At least two-thirds majority of the share capital represented at the Meeting

Share capital attendance at the Shareholders' Meeting in the last five years

2017 2018 2019 2020 2021 (28/4) 2021 (14/10)

53% 52% 57% 56%

Control Committee; on this point, reference is made to the detailed description contained in Part II of the Report.

share capital required for the shareholders' resolutions to be approved.

The Code of Ethics – available on the Company's website – is the reference document for integrating social and environmental considerations in the company's processes, practices and decisions; it contains voluntary commitments in the management of relations with all the Group's internal and external stakeholders and lays down the pillars of the corporate culture and the core values which inform the rules of conduct towards said stakeholders.

All the Group's people, in Italy and abroad, are expected to behave in a manner that complies and is consistent with the values and principles set out in the Code. Each Group company must ensure that its actions and activities match those values and principles, consistently with its specific characteristics.

The CNFS – approved annually by the Board of Directors and available on the Company's website – reports on the activities performed during the year, the Group's ability to operate in accordance with its stated objectives and values, and its commitment to pursuing improvement objectives, on the basis of the business strategies and taking on board the stakeholders' legitimate expectations.

Moreover, Intesa Sanpaolo publishes, on a voluntary basis, a half-yearly Consolidated Nonfinancial Report with the key indicators.

Focus: Environment and Climate Change

In 2021, Intesa Sanpaolo implemented a number of initiatives focusing on the environment and climate change. This included, on the suggestion of the European Central Bank, drafting an Action Plan setting out current and planned activities.

Intesa Sanpaolo, by adhering to the United Nations' Net Zero Alliance, has set for itself the target of achieving net zero emissions by 2050, committing to supporting the transition towards a low-carbon economy.

The Company adopts and updates specific internal regulations, applied to all the Group companies in all the countries in which they operate, designed to combat climate change.

Specifically, the Group's updated policies on lending in the coal and unconventional oil & gas sectors respectively, published in 2021, provide for various lending exclusions and limitations, and the phasing out of coal mining by 2025 and of unconventional oil and gas resources by 2030.

Moreover, in 2021 Intesa Sanpaolo published its first Groupwide TCFD Report for 2020-2021, which, in line with international best practices, expands the disclosures on climate change already aligned with the Recommendations of the Task Force on Climate-related Financial Disclosures.

Sustainability governance

Intesa Sanpaolo has steadily strengthened its sustainability governance/ESG over the years; below are the main responsibilities of the Bank's Bodies and Structures in the area of sustainability/ESG.

Board of Directors

The Board, with the support of the Risks Committee, approves the updates to the Code of Ethics, as well as the strategic guidelines and policies on sustainability (ESG), including the social and cultural responsibility model and the fight against climate change – taking into account the objectives of solid and sustainable value creation and distribution to all stakeholders; again with the support of the Risks Committee, it approves the CNFS, monitoring the Group's sustainability performance, including in the fight against climate change, and ensuring that the CNFS is drawn up and published in compliance with the regulations.

Risks Committee

The Committee supports the Board in assessing and investigating the sustainability (ESG) issues associated with the Bank's activities and in approving the strategic guidelines and policies on sustainability, including the social and cultural responsibility model and the fight against climate change, to ensure more efficient risk monitoring and taking into account the objectives of solid and sustainable value creation and distribution to all stakeholders. The Committee also supports the Board in updating the Code of Ethics and the CNFS, studying in depth, in particular, the contents of the materiality matrix, which identifies potential material issues in the area of sustainability.

Management Control Committee

The Committee, which is provided annually with a Report on the implementation and governance of the Code of Ethics, supervises compliance with the principles and values of the Code, with the assistance of the competent sustainability (ESG) and internal audit departments. With reference to the CNFS, it oversees compliance with the provisions of Italian Legislative Decree No. 254/2016 and provides information on the matter in the annual report to the Shareholders' Meeting.

Managing Director and CEO

The Managing Director and CEO governs sustainability performance and has the power to submit proposals to the Board for the adoption of resolutions within its remit.

Steering Committee

The Committee cooperates in identifying potentially relevant sustainability (ESG) issues in order to define and update the materiality matrix. It collaborates in defining the strategic guidelines and sustainability (ESG) policies, including the social and cultural responsibility model and the fight against climate change, which the Managing Director and CEO submits to the competent Board Committees and the Board of Directors. It reviews the CNFS prior to its submission to the Board.

ESG Control Room

It supports the Steering Committee – Business Plan and Sustainability (ESG) Session – in the strategic proposition relating to ESG issues; it takes care of the operational coordination for the implementation of the most relevant ESG initiatives and assesses the opportunity and solidity of any new initiatives in this area. It relies on the Sustainability Managers, identified in each Area and Division, who guarantee an overall and integrated supervision of ESG initiatives for the relevant scope and contribute to the Group's strategic proposition on these issues.

ESG & Sustainability - Financial Market Coverage Department, Chief Financial Officer Area

It oversees the process of defining, approving and updating the sustainability guidelines, in accordance with corporate strategies and objectives. It updates the Code of Ethics and monitors its application with the support of the internal audit department. It drafts the CNFS and TCFD Report. It oversees relations with the financial community on sustainability/ESG issues. It supervises the promotion and implementation of sustainability aspects in the Group's strategies and operations, including Climate Change issues, also in collaboration with other structures. It handles the Group's communication and training on sustainability. It oversees stakeholder engagement activities on sustainability issues.

The Intesa Sanpaolo Group

Intesa Sanpaolo is the Parent Company of the Banking Group with the same name. In addition to controlling the Group's companies, it holds controlling interests in other companies belonging to the broader corporate Group, which provides, among other things, insurance and business services.

As Parent Company of the Banking Group, Intesa Sanpaolo is responsible, pursuant to the Consolidated Law on Banking, for the management and coordination of the companies belonging to the Banking Group and issues in their regard the provisions required to implement the Bank of Italy's instructions in the interest of the Group's stability. Furthermore, pursuant to Articles 2497 et seq. of the Italian Civil Code, Intesa Sanpaolo exercises management and coordination activities over all the other subsidiaries, with the exception of Risanamento S.p.A.

Intesa Sanpaolo also exercises these activities over the insurance company Intesa Sanpaolo Vita, which, pursuant to Italian Legislative Decree No. 209/2005 (the "Private Insurance Code") and its implementing provisions, is the parent company of the Intesa Sanpaolo Vita Insurance Group. As such, Intesa Sanpaolo Vita exercises management and coordination activities over the Italian companies belonging to the Insurance Group, namely Intesa Sanpaolo Assicura S.p.A., Fideuram Vita S.p.A., Intesa Sanpaolo Insurance Agency S.p.A., Intesa Sanpaolo RBM Salute S.p.A. and CARGEAS Assicurazioni S.p.A., pursuant to Articles 2497 et seq. of the Italian Civil Code.

Intesa Sanpaolo has adopted Group Regulations which govern the institutional operations of the Intesa Sanpaolo Group and intragroup relationships, in accordance with supervisory regulations which assign responsibility for the overall consistency of Group governance to the parent company, through management and coordination activities.

The Group's activities are structured into six Divisions reporting directly to the Managing Director and CEO.

Banca dei Territori	This Division focuses on the market and the central role of the territory in strengthening relationships with private individuals, small and medium-sized enterprises and non-profit entities. The Division includes industrial credit, leasing and factoring and instant banking activities through the partnership between the subsidiary Banca 5 and SisalPay (Mooney).
IMI Corporate & Investment Banking	Global partner for enterprises, financial institutions and the public administration in a medium/long term perspective, at domestic and international level. It pursues capital market and investment banking activities and operates in 25 countries to support the cross-border operations of its customers through a specialised network of branches, representative offices and subsidiaries that engage in corporate banking activity.
International Subsidiary Banks	This Division includes subsidiary banks performing commercial banking activities in the following countries: Albania (Intesa Sanpaolo Bank Albania), Bosnia-Herzegovina (Intesa Sanpaolo Banka Bosna i Hercegovina), Croatia (Privredna Banka Zagreb), Egypt (Bank of Alexandria), Moldova (Eximbank), Czech Republic (the Prague branch of VUB Banka), Romania (Intesa Sanpaolo Bank Romania), Serbia (Banca Intesa Beograd), Slovakia (VUB Banka), Slovenia (Intesa Sanpaolo Bank), Ukraine (Pravex Bank) and Hungary (CIB Bank).
Private Banking	This Division serves customers in the Private and High Net Worth Individuals segment by offering targeted products and services. It includes Fideuram-Intesa Sanpaolo Private Banking, with 6,594 private bankers.
Asset Management	This Division provides asset management solutions to the Group's customers, non-Group distribution networks and institutional customers. It includes Eurizon, with 354 billion euro of assets under management.
Insurance	This Division provides insurance and pension products to Group customers. With direct deposits and technical reserves of 204 billion euro, the Division includes Intesa Sanpaolo Vita - which controls Intesa Sanpaolo Assicura, Intesa Sanpaolo Life, Intesa Sanpaolo RBM Salute, Cargeas Assicurazioni and Intesa Sanpaolo Insurance Agency - and Fideuram Vita.

•

The Governance of Intesa Sanpaolo

Asset

Private Banking

Management

Art. 123 bis (2), (a) CLF

Compliance with the Italian Corporate Governance Code

Intesa Sanpaolo complies with the new Italian Corporate Governance Code, approved on 31 January 2020 and published on the website of the Corporate Governance Committee (www.borsaitaliana.it/comitato-corporate-governance/homepage/homepage.en.htm). Consequently, the Bank's governance also follows the aims and recommendations set out in the Code, to ensure effective and transparent separation of the roles and responsibilities of its Corporate Bodies. In particular, also in accordance with supervisory requirements, this approach ensures a proper balance between strategic supervision, management and control functions.

In relation to the one-tier governance model adopted by the Bank, the Principles and Recommendations of the Code concerning the Board of Directors and the Control Body, or their members, apply, respectively, to the Board of Directors and Management Control Committee or their members.

The Company, aware that efficient corporate governance is essential for the pursuit of its objectives, constantly updates its corporate governance on the basis of past experience and changing legislation, national and international best practices and the corporate governance principles and recommendations issued by the main bodies and authorities (notably the Financial Stability Board, the Basel Committee on Banking Supervision and the European Banking Authority).

Moreover, in its capacity as a Bank, Intesa Sanpaolo must ensure that its organisational structure complies with the applicable rules, including EU sectoral legislation, the Italian Consolidated Law on Banking and the measures issued by the Bank of Italy in its supervisory role. With regard to supervision, it should be noted that Intesa Sanpaolo – being a "significant supervised entity" – is subject to the direct supervision of the European Central Bank, which has specific duties of prudential supervision over credit institutions within the Single Supervisory Mechanism, including specific controls on the presence of sound corporate governance arrangements.

In its letter of 3 December 2021 addressed to listed companies, the Italian Corporate Governance Committee made some recommendations for 2022, to encourage companies to adopt the new Code and comply with its inspiring principles, highlighting the recommendations already made in previous years on certain governance areas still affected by weaknesses and shortcomings.

Specifically, the Committee focused on the themes of sustainable success, proportionality, assessment of the directors' independence, pre-meeting disclosures, the appointment and succession of directors, gender balance and remuneration policies.

The Committee's recommendations were brought to the attention of the Nomination Committee, Board of Directors and Management Control Committee, and have been appropriately implemented by Intesa Sanpaolo. The recommendations on governance aspects are duly reflected in this Report. For specific evidence on remuneration, see the Report on Remuneration.

Part I - Ownership structure and investor relations

Information on ownership structure

Information on the ownership structure of Intesa Sanpaolo is set out below, in accordance with Article 123-bis, paragraph 1, of the Consolidated Law on Finance.

Some of this information is also provided in detail in the body of this Report; specifically:

shareholders' rights and voting rights at Shareholders' Meetings are described in the following paragraphs of this Part;
the rules on the appointment and replacement of members of the Board of Directors and the Management Control Committee are described in Part II, in the chapters on said Corporate Bodies.

Furthermore, information on the agreements between the Company and Board Members, concerning indemnities in the event of resignation or dismissal without just cause or termination of employment, is contained in the Report on Remuneration.

Share Capital

The Company's share capital amounts to 10,084,445,147.92 euro, divided into 19,430,463,305 ordinary shares without nominal value. There were no changes to the share capital in 2021.

Each ordinary share confers the right to cast one vote at Ordinary and Extraordinary Shareholders' Meetings. There are no restrictions on voting rights.

The Articles of Association do not grant any powers to the Board of Directors to issue equity instruments.

There are no restrictions on holding or transferring shares and there are no shares conferring special control rights to their holders.

Intesa Sanpaolo has no employee stock ownership plans under which voting rights cannot be exercised directly by the employees themselves. Information on the existing Incentive System based on financial instruments is provided in the Report on Remuneration.

Under the Articles of Association, resolutions on the distribution of net income are passed by the Ordinary Shareholders' Meeting, on the Board of Directors' proposal.

Net income as reported in the financial statements, net of the portion allocated to legal reserve and the portion which is not available pursuant to the law, is allocated as follows:

a) to all the ordinary shares to the extent that the Shareholders' Meeting approves its distribution;

b) any excess funds are allocated to the extraordinary reserve or other reserves, without prejudice to the possibility of allocating a portion thereof to charities or to social and cultural activities, by creating a specific reserve.

Securities traded on non-European markets

American Depositary Receipts (ADRs) representing Intesa Sanpaolo ordinary shares are outstanding, currently deposited with and managed by Bank of New York Mellon. Following the deregistration of the ADRs with the SEC, the securities were admitted to trading in the United States on the OTC market only.

Art. 123 bis (1), (i) CLF

Art. 123 bis (1), (a) CLF

CLF

Own shares

Art. 123 bis (1), (m) CLF

Art. 123 bis (1), (c) CLF

At the end of financial year 2021, 30,629,777 residual own shares were held in the Bank's portfolio, after the purchases and allocations made during the year in relation to the Incentive and Investment Plans in favour of Employees. Additional packets of shares are held by other Group companies as part of their ordinary banking and financial operations or to service said Incentive and Investment Plans.

Shareholder Base

Main Shareholders

The table below provides the list of shareholders that, based on the disclosures under Article 120 of the Consolidated Law on Finance and other information received by the Company, directly and/or indirectly hold more than 3% of the share capital (*).

Declaring entity	% of share capital
Compagnia di San Paolo	6.119%
BlackRock Inc. (1)	5.005%
Fondazione Cariplo	3.948%

(*) Shareholders that are asset management companies may have asked to be exempted from disclosure up to 5% of share ownership.

(1) BlackRock Inc. holds, as assets under management, an aggregate investment equal to 5.066% as per form 120 B dated 4 December 2020.

Under Italian law (Article 120 of the Consolidated Law on Finance) investors holding more than 3% of the share capital with voting rights in a listed company must notify said company and Consob. Moreover (Article 19 of the Consolidation Law on Banking), the prior authorisation of the European Central Bank must be obtained to acquire a holding in a bank that is deemed significant or makes it possible to exercise significant influence over the bank or represents 10% or more of the capital or voting rights in the bank.

Shareholders' agreements

On 21 December 2021, a shareholders' agreement pursuant to Article 122 of the Consolidated Law on Finance was signed and disclosed, in accordance with the procedures provided for by law, between Compagnia di San Paolo, Fondazione Cariplo, Fondazione Cassa di Risparmio di Padova e Rovigo, Fondazione Cassa di Risparmio di Firenze and Fondazione Cassa di Risparmio in Bologna. Said agreement concerned the prior consultation, submission, and vote at the Shareholders' Meeting of Intesa Sanpaolo S.p.A. expected to be held by the end of April 2022 of a joint list for the appointment of the Board of Directors and the Management Control Committee of Intesa Sanpaolo S.p.A. for the financial years 2022/2023/2024, the determination of the number of directors within the maximum limit set forth in the Articles of Association and the proposal concerning related remuneration, as well as the proposal and appointment as Chairman and Deputy Chairperson of, respectively, the first and the second candidate shown on the joint list.

The Agreement shall be effective until the end of the proceedings of the said Shareholders' Meeting of Intesa Sanpaolo S.p.A. called to appoint the Board of Directors.

At the time of the appointment of the members of the Board of Directors and Management Control Committee for the financial years 2019/2020/2021 by the Shareholders' Meeting of 30 April 2019, the same shareholders had entered into a shareholders' agreement under Article 122 of the Consolidated Law on Finance, which expired with the appointment of the Board.

To our knowledge, there are currently no other shareholders' agreements pursuant to Article 122 of the Consolidated Law on Finance.

"Change of control" clauses

As part of their normal business activities, the Bank and other Group companies are usually party to framework agreements and contracts (especially for funding) which, according to standard financial market practice for certain types of relationships, envisage specific effects in the event of "change of control" (agreements "which take effect, are amended or are terminated upon a change of control of the Company and/or as a result of related events").

No such framework agreement or contract may be considered significant, per se, in terms of amount or effect on a consolidated basis.

Allocated assets

Own shares

Art. 123 bis (1), (m) CLF

Art. 123 bis (1), (c) CLF

Art. 123 bis (1), (g) CLF

Art. 123 bis (1), (h) CLF

Shareholder Base

Main Shareholders

ownership.

December 2020.

Shareholders' agreements

second candidate shown on the joint list.

Consolidated Law on Finance.

"Change of control" clauses

the Company and/or as a result of related events").

Intesa Sanpaolo S.p.A. called to appoint the Board of Directors.

Law on Finance, which expired with the appointment of the Board.

indirectly hold more than 3% of the share capital (*).

Declaring entity % of share capital

Compagnia di San Paolo 6.119% BlackRock Inc. (1) 5.005% Fondazione Cariplo 3.948%

The table below provides the list of shareholders that, based on the disclosures under Article 120 of the Consolidated Law on Finance and other information received by the Company, directly and/or

(*) Shareholders that are asset management companies may have asked to be exempted from disclosure up to 5% of share

(1) BlackRock Inc. holds, as assets under management, an aggregate investment equal to 5.066% as per form 120 B dated 4

The Agreement shall be effective until the end of the proceedings of the said Shareholders' Meeting of

To our knowledge, there are currently no other shareholders' agreements pursuant to Article 122 of the

possible to exercise significant influence over the bank or represents 10% or more of the capital or voting rights in the bank.

As at the reporting date, Intesa Sanpaolo has not allocated assets for specific dealings in accordance with the Italian Civil Code.

Policy for the management of dialogue with investors

P. IV R. 3

At the end of 2021, Intesa Sanpaolo adopted a Policy for the management of dialogue with investors (hereinafter the "Policy"), consistent with the new Corporate Governance Code and recent banking supervisory provisions on corporate governance. The initiative is also in line with the guiding principles of EU regulation aimed at encouraging the long-term engagement of the shareholders in companies listed on regulated markets (SHR-II Directive) and, in particular, of institutional investors and asset managers.

The main objective of the Policy is to define the principles that specifically govern the dialogue of the Board of Directors with investors (meaning investors, including potential investors, other than individuals and, in the case of individuals, only the holders of Intesa Sanpaolo shares) and proxy advisors.

More specifically, the Policy illustrates:

how investors and proxy advisors may submit an engagement request to the Company or how the Company may make proposals to one or more investors or proxy advisors to participate in a dialogue;
the methods and criteria used by the Company to assess its its being available to enter in direct dialogue between the members of the Board of Directors and investors and proxy advisors;
the process of internal management of the requests submitted, including how they are reported to the Board of Directors and how responses are prepared and delivered to the parties involved.

The Policy also sets out the responsibilities of the Corporate Bodies and internal Structures supporting dialogue management.

The Board of Directors plays a guiding and monitoring role in the dialogue with investors and proxy advisors, supervises the correct application of the Policy and is constantly informed about the contents and significant developments of the dialogue. To this end, each year the Board shall assess the effectiveness and adequacy of the Policy, taking into account the outcomes of the dialogues carried out and carrying out any updates to the Policy and their implementation as appropriate.

The Chairman of the Board of Directors and the Managing Director, each according to their powers and responsibilities in relation to the dialogue topics, and with the support of the Chief Governance Officer Governance Area and the Chief Financial Officer Governance Area, are responsible for managing the dialogue with investors and proxy advisors on behalf of the Company (hereinafter also the "Responsible Directors"). Specifically, they shall:

decide whether to accept the engagement request, or where relevant, to submit it to the Board of Directors for assessment;
establish the timing and procedures to follow up on the request, as they may delegate all or part of the dialogue to the heads of the competent corporate functions;
decide, where appropriate, to involve one or more Board Members in the dialogue, having regard to the content of the request and the role of those Members within the Board of Directors;
promptly inform the Board of Directors of any issues of concern identified in relation to the dialogue, the outcomes and key points of the dialogue carried out and any engagement requests that have been refused.

The contacts with investors and proxy advisors are managed, on behalf of the Company, via the Financial Market Coverage Department, according to the instructions given by the Responsible Directors.

The topics discussed in the dialogue with investors and proxy advisors relate to matters under the responsibility of the Board of Directors.

Both the text of the Policy and the IT procedure for submitting engagement requests are available on the Bank's website.

P. IV R. 1 f)

Relations with shareholders and the financial community – The website

Policy for the management of dialogue with investors

managers.

P. IV R. 3

advisors.

dialogue;

dialogue management.

More specifically, the Policy illustrates:

the "Responsible Directors"). Specifically, they shall:

the dialogue to the heads of the competent corporate functions;

Directors for assessment;

responsibility of the Board of Directors.

been refused.

the Bank's website.

Directors.

– how investors and proxy advisors may submit an engagement request to the Company or how the Company may make proposals to one or more investors or proxy advisors to participate in a

– the methods and criteria used by the Company to assess its its being available to enter in direct dialogue between the members of the Board of Directors and investors and proxy advisors; – the process of internal management of the requests submitted, including how they are reported to the Board of Directors and how responses are prepared and delivered to the parties involved. The Policy also sets out the responsibilities of the Corporate Bodies and internal Structures supporting

– decide whether to accept the engagement request, or where relevant, to submit it to the Board of

– establish the timing and procedures to follow up on the request, as they may delegate all or part of

– decide, where appropriate, to involve one or more Board Members in the dialogue, having regard to

– promptly inform the Board of Directors of any issues of concern identified in relation to the dialogue, the outcomes and key points of the dialogue carried out and any engagement requests that have

The contacts with investors and proxy advisors are managed, on behalf of the Company, via the Financial Market Coverage Department, according to the instructions given by the Responsible

The topics discussed in the dialogue with investors and proxy advisors relate to matters under the

Both the text of the Policy and the IT procedure for submitting engagement requests are available on

the content of the request and the role of those Members within the Board of Directors;

out and carrying out any updates to the Policy and their implementation as appropriate.

It is in Intesa Sanpaolo's specific interest, as well as an obligation towards the market, to constantly keep the channels of communication open with shareholders, institutional investors and the national and international financial community, in compliance with the legislation and internal procedures on the disclosure of inside information. In this respect, the Company guarantees the systematic disclosure including at regular intervals - of fair, comprehensive and timely information on Group operations, also in the light of Consob guidance, the principles laid down in the Corporate Governance Code and national and international best practices.

Under the Articles of Association, the Chairman of the Board of Directors, in coordination with the Managing Director, has the task of supervising relations with shareholders and verifying their correct management.

Given the size of the Bank and the Group, Intesa Sanpaolo uses specialist Structures with appropriate human and technical resources: Financial Market Coverage handles relations with the financial community, particularly institutional investors, financial analysts and rating agency analysts, including for sustainability issues. Corporate Bodies and Corporate Affairs manages relations with individual and associated shareholders and assists them by providing them with the corporate documents subject to legal disclosure requirements. Press and media relations in general, in Italy and abroad, are managed by Media and Associations Relations, which plays this role also for Group companies.

Intesa Sanpaolo's relations with the market are based on highly transparent conduct, concerning in particular the annual and interim financial results and Group strategies, including via meetings with the national and international financial community, in a framework of constant dialogue with the market based on accurate and timely communication.

To fully implement its transparency policy and ensure that information is disclosed as rapidly and widely as possible, Intesa Sanpaolo also relies on its website.

The Company pays special attention on this specific information channel, also in light of developments in international best practices in the sector. The website is regularly developed and expanded, to strengthen its role as a showcase for the Group, its values and its distinctive characteristics, and to comply with the statutory disclosure and transparency requirements for online corporate disclosures, by applying the highest standards in market communications in terms of prompt and appropriate presentation.

On the website, available in both Italian and English and also featuring an internal search engine, stakeholders will find up-to-date information on the structure and composition of the Corporate Bodies, the Bank's and Group's organisational structure, the Shareholders' Meeting, the ownership structure and dividends, as well as share performance, regular financial reports and results announcements, ratings and the prospectuses of securities issued by Intesa Sanpaolo. The website also publishes the Bank's press releases, the annual calendar of major corporate events, information on significant or extraordinary transactions, as well as information regarding sustainability issues, including the reporting contained in the annual and half-yearly Consolidated Non-financial Statement and in the Task force on Climate-related Financial Disclosures (TCFD) Report.

Also available on the website is Intesa Sanpaolo's "Shareholder's Guide", which provides useful information on investing in the Bank's shares, on the rights attaching to shareholdings, and on how shareholders can build a more proactive relationship with the Bank.

The website offers a platform for the financial community and all stakeholders to find information and engage in dialogue with the Bank within a framework of ongoing, consistent and comprehensive communication. Telephone contact numbers and an email address are also provided on the website.

The Shareholders' Meeting: procedures and shareholders' rights

Intesa Sanpaolo's Shareholders' Meeting

The Shareholders' Meeting is the Body that expresses the corporate will, and its resolutions, passed in accordance with the law and the Articles of Association, are binding on all shareholders, including absent and dissenting shareholders.

Shareholders' Meetings are one of the main opportunities for the Bank to engage in dialogue with shareholders and disclose news to them, in accordance with the principle of non-selective disclosure and the rules on price-sensitive information. At the same time, the Shareholders' Meeting allows shareholders to participate actively in the Bank's operations and express their will, in the manner and on the topics established by the law and the Articles of Association.

Intesa Sanpaolo has always been committed to facilitating high meeting attendance and guaranteeing the best quality standards for the information provided, in order to realise the full potential of the meeting.

Under the one-tier governance model adopted by Intesa Sanpaolo, the Ordinary Shareholders' Meeting shall:

1) approve the financial statements and pass resolutions on the distribution of profits;

2) determine the number of Directors, appoint and remove them, establish their remuneration and appoint the Chairman and one or more Deputy Chairpersons;

3) appoint and remove the Directors forming the Management Control Committee and appoint its Chair, determining their remuneration;

4) pass resolutions on the responsibility of Directors;

5) on the reasoned proposal of the Management Control Committee, appoint the independent auditors and approve their fees and, in consultation with the Committee, revoke or amend said engagement, where necessary;

6) approve the remuneration policies for Board Members and staff, as well as the plans based on financial instruments. In this area, the meeting also approves the criteria for determining severance payments in the event of early termination of employment or office, including the limits set on said payments in compliance with applicable regulations, and shall also determine, with the qualified majorities under the supervisory regulations in force, a ratio between the variable and fixed individual remuneration higher than 1:1, but not exceeding the maximum established by the same regulations;

7) approve the rules of procedure, if any, of Shareholders' Meetings;

8) pass resolutions on the other matters assigned to it by the applicable regulations and the Articles of Association;

9) authorise the most significant transactions with related parties in the cases and in the manner set out in the procedures adopted pursuant to the Articles of Association and in accordance with the relevant regulations.

The Extraordinary Shareholders' Meeting shall pass resolutions on amendments to the Articles of Association (without prejudice to the Board's power to make any amendments required by law), on the appointment, removal, replacement and powers of liquidators, and on any other matter within its purview pursuant to the law.

Calling meetings and procedure at meetings

The Shareholders' Meeting is called by the Board of Directors whenever it deems it appropriate or, under Article 2367 of the Italian Civil Code, on the request of Shareholders representing at least one twentieth of the share capital.

The Shareholders' Meeting may also be called by the Management Control Committee, where required for the fulfilment of its duties, subject to sending notice thereof to the Chairman.

The Ordinary Shareholders' Meeting must be called at least once a year, no later than one hundred and eighty days after the end of the financial year.

The Shareholders' Meeting is called at the registered office of the Bank or in another location in the municipality where Intesa Sanpaolo has its registered office, by publishing a notice on the Bank's website at least thirty days prior to the date of the Shareholders' Meeting, as well as a summary notice in daily newspapers (the summary notice is normally published in "Il Sole 24 Ore" and in the major national and international newspapers). If the Shareholders' Meeting is called to appoint Directors by way of slate voting, an earlier deadline for publication of forty days prior to the date of the meeting is applied.

The Shareholders' Meeting is held on single call; the Board may set a second call and, only for Extraordinary Meetings, even a third call.

The Directors participate in the Shareholders' Meetings; also attending the Meetings are Bank executives and employees, as well as directors, statutory auditors, executives and employees of Group companies, and representatives of the independent auditors. In addition, other persons may participate if their presence is considered useful by the Chairman of the Shareholders' Meeting with reference to the topics for discussion or the work of the Meeting.

The Articles of Association govern in detail the process that the Shareholders' Meeting must follow to appoint the members of the Board of Directors.

The Chairman of the Shareholders' Meeting, through his/her powers of management and coordination pursuant to the law and the Articles of Association, specifies, in the opening session, the main rules of conduct to be observed and in any event informs the attendees on voting procedures, even during the Meeting, to enable them to express clear and well-informed opinions on the items on the agenda.

With regard to the right to speak with regard to the items on the agenda, and to give everyone the opportunity to speak, the Chairman, also on the basis of the number of requests put forward, sets the maximum speaking and reply time for each speaker. Requests to speak are made via an automatic booking system at specific stations in the meeting hall.

The Bank has decided not to change the percentage capital thresholds under the applicable legislation for exercise of the rights and prerogatives protecting minority shareholders' interests.

Additions to the agenda and submission of new proposed resolutions

Pursuant to the law and the Articles of Association, within ten days of publication of the notice of call, shareholders severally or jointly representing at least one-fortieth of the share capital may request additions to the items on the agenda or submit proposed resolutions on items already on the agenda, specifying the additional items or proposals in their request.

Those entitled to vote may individually, even if they do not reach the above shareholding, submit proposed resolutions on the items on the agenda directly at the Shareholders' Meeting.

Additional items are not permitted for topics which the Shareholders' Meeting addresses, by law, upon proposal by the Board of Directors or based on a project or report prepared by the latter other than the report usually drawn up for all items on the agenda pursuant to Article 125-ter, paragraph 1, of the Consolidated Law on Finance.

Notice of additions to the agenda or the submission of additional proposed resolutions on items already on the agenda is given in the forms prescribed for the publication of the notice of call.

Right to ask questions on items on the agenda

The Shareholders' Meeting: procedures and shareholders' rights

1) approve the financial statements and pass resolutions on the distribution of profits;

on the topics established by the law and the Articles of Association.

appoint the Chairman and one or more Deputy Chairpersons;

7) approve the rules of procedure, if any, of Shareholders' Meetings;

4) pass resolutions on the responsibility of Directors;

Under the one-tier governance model adopted by Intesa Sanpaolo, the Ordinary Shareholders' Meeting

2) determine the number of Directors, appoint and remove them, establish their remuneration and

3) appoint and remove the Directors forming the Management Control Committee and appoint its

5) on the reasoned proposal of the Management Control Committee, appoint the independent auditors and approve their fees and, in consultation with the Committee, revoke or amend said engagement,

8) pass resolutions on the other matters assigned to it by the applicable regulations and the Articles of

9) authorise the most significant transactions with related parties in the cases and in the manner set out in the procedures adopted pursuant to the Articles of Association and in accordance with the

The Shareholders' Meeting may also be called by the Management Control Committee, where required

The Ordinary Shareholders' Meeting must be called at least once a year, no later than one hundred

for the fulfilment of its duties, subject to sending notice thereof to the Chairman.

Intesa Sanpaolo's Shareholders' Meeting

absent and dissenting shareholders.

Chair, determining their remuneration;

meeting.

where necessary;

Association;

applied.

relevant regulations.

purview pursuant to the law.

twentieth of the share capital.

Calling meetings and procedure at meetings

and eighty days after the end of the financial year.

shall:

Article 123-bis (2), (c), CLF

Those entitled to vote may ask questions concerning items on the agenda even prior to the Shareholders' Meeting, by the deadline stated in the notice of call; said questions are answered during the Shareholders' Meeting at the latest. The Company may provide a single response to questions with the same content.

Questions may also be submitted through the dedicated section of the website or by email, according to the specific instructions set out in the notice of call.

Participation and representation – The Designated Representative

Participation in the Shareholders' Meeting is reserved for parties that are entitled to vote at the end of the accounting day of the seventh market trading day prior to the date set for the meeting on first or single call (record date).

Those entitled to vote may be represented at the Shareholders' Meeting through proxy.

The Articles of Association allow for electronic notification of voting proxies to the Bank through the appropriate section of the website or by email.

The notice of call contains detailed instructions on the proxy voting procedure, including a proxy form on the Bank's website and how to send the proxies electronically.

In addition, the notice of call may specify arrangements to enable the shareholders to attend the meeting remotely via telecommunications devices and cast their vote electronically.

To maximise participation in the Shareholders' Meeting's decision-making processes, the Articles of Association allow the Bank to appoint for each meeting and name in the notice of call one or more "Designated Representatives" that holders of voting rights can appoint as proxy with instructions to vote on all or some of the items on the agenda. The power to appoint more than one representative, even in different locations, ensures they can be closer to shareholders and possibly differentiated by shareholder category.

This does not affect the legal provisions on proxy solicitation by promoters or on the collection of proxies by shareholders' associations.

Intesa Sanpaolo's Articles of Association do not permit postal voting.

On the occasion of both Shareholders' Meetings held in 2021 - on April 28 and October 14 - Intesa Sanpaolo adopted specific organizational choices, in compliance with the current provisions aimed at facing the epidemiological emergency from Covid-19 and, at the same time, guaranteeing both the health and safety of those present and the full exercise, by the shareholders, of their rights. These solutions are referred to in the section of the Overview dedicated to the Shareholder's Meeting.

* * *

Voting rights

Article 123-bis (1) (f), CLF There are no restrictions on voting rights.

Challenges against shareholder meeting resolutions

Resolutions passed by Shareholders' Meetings in accordance with the law and the Articles of Association are binding on all shareholders, including those who dissent or abstain from voting. Resolutions passed not in accordance with the law and the Articles of Association may be challenged by absent, dissenting or abstaining shareholders.

The time limits, methods and procedures for challenging resolutions are governed by the provisions of law in force, set out in Articles 2377-2378 of the Italian Civil Code.

Right of withdrawal

The right of withdrawal may be exercised only in the cases strictly set out in Article 2437 of the Italian Civil Code. As permitted by Article 2437, paragraph 2, of the Italian Civil Code, the Articles of Association exclude the right of withdrawal for shareholders that did not take part in the approval of the resolutions concerning the extension of the duration of the Company and the introduction or cancellation of restrictions on the trading of shares.

The terms and methods for the exercise of the right of withdrawal and the criteria for determining the value of the shares and the related liquidation procedures are governed by the law.

Part II - Corporate governance system

The Board of Directors

This does not affect the legal provisions on proxy solicitation by promoters or on the collection of

* * *

The time limits, methods and procedures for challenging resolutions are governed by the provisions of

The terms and methods for the exercise of the right of withdrawal and the criteria for determining the

value of the shares and the related liquidation procedures are governed by the law.

solutions are referred to in the section of the Overview dedicated to the Shareholder's Meeting.

shareholder category.

Voting rights

Article 123-bis (1) (f), CLF

Right of withdrawal

proxies by shareholders' associations.

There are no restrictions on voting rights.

Challenges against shareholder meeting resolutions

by absent, dissenting or abstaining shareholders.

cancellation of restrictions on the trading of shares.

law in force, set out in Articles 2377-2378 of the Italian Civil Code.

Intesa Sanpaolo's Articles of Association do not permit postal voting.

The Board of Directors is the highest body in the one-tier corporate governance system adopted by Intesa Sanpaolo and is tasked with managing the company. P. III

The Board of Directors is governed by the legal and regulatory provisions, the Articles of Association and its own Regulations.

Within the Board, the typical control functions are reserved for Directors sitting on the Management Control Committee, which is covered in a subsequent section.

In the performance of its duties, the Board is supported by Committees, appointed by the Board from among its directors:

Nomination Committee
Remuneration Committee
Risks Committee
Committee for Transactions with Related Parties

which are described in a specific section of this Report.

The Regulations of the Board of Directors govern, in compliance with the law, regulations and the Articles of Association, the organisational and operating arrangements and the powers of the Board, including in the light of the principles and rules laid down in the Italian Corporate Governance Code, with which the Bank has chosen to comply, as well as the regulatory provisions issued by the Supervisory Authorities. The following paragraphs outline the main contents of the Board of Directors' Regulations.

In February 2022, the Board of Directors approved the update of its Regulations and of those of the Risks Committee, the Nomination Committee and the Remuneration Committee, and expressed a favourable opinion on the amendments to the Regulations of the Management Control Committee, which were subsequently approved by said Committee. These changes will take effect from the next renewal of said bodies.

The revisions to the Regulations are due to the intervening changes in legislation and the internal regulations, to the introduction of some important regulatory innovations allowing simplification of the powers and responsibilities of the Board Committees of banks that follow the one-tier model, and to the guidance and recommendations of the market and Supervisory Authorities on sustainability issues.

In detail, the Management Control Committee has been assigned sole responsibility for examining and assessing accounting/financial documentation ahead of Board decisions. This results in the allocation of responsibilities on financial disclosure between the Committees "by subject matter", while taking into account the functional criterion which, under the law, assigns a control role to the Management Control Committee.

In addition, as regards the Risks Committee, in view of the growing focus on sustainability issues, also confirmed by the provisions of the Bank's 2022-2025 Business Plan, the responsibilities already assigned to the Risks Committee in this area have been strengthened and expanded, and the Committee has accordingly been renamed "Risk and Sustainability Committee".

R. 11

P. XI R. 16

P. IX

Powers of the Board of Directors

With regard to its corporate management duties, the Board, without prejudice to the powers reserved for it, delegates to the Managing Director the necessary and appropriate powers to ensure consistency in day-to-day management, in implementation of the guidelines decided by the same Board. The Board determines the content, limits and methods of exercise of the powers granted to the Managing Director and establishes how the he/she must report back to the Board on the delegated activities.

In performing its strategic supervision duties, the Board of Directors, pursuant to the Articles of Association and to its Regulations:

defines and approves the business model, strategic guidelines and risk appetite, and thus approves the Risk Appetite Framework, the Company and Group strategic, business and financial plans and any amendments thereof, also taking into account the sustainability (ESG) policies;
defines and approves the Company and Group risk governance objectives and policies, as well as the general guidelines for the capital and liquidity adequacy assessment process (ICAAP and ILAAP);
defines and approves the guidelines of the Company and Group internal control system;
defines the overall governance structure and approves the Company's organisational structure; identifies the information flows required to ensure the full circulation of information within the Board and the information flows to Bodies and Committees, including from the corporate departments;
approves the accounting and reporting systems;
oversees the Company and Group public disclosure and reporting process;
ensures effective dialogue with the key function holders.

Moreover, the Board of Directors has exclusive responsibility over the following matters, among others:

appointing and removing the Managing Director and General Manager, granting, modifying or terminating their powers and establishing the remuneration for this office;
appointing and removing the members of the Board Committees set up in accordance with the Articles of Association, including their Chair, and setting up any other Board Committees with inquiry and advisory duties;
setting up the Steering Committee and additional Management Committees, as provided for by the first-level organisational structure;
appointing and removing the Manager responsible for preparing the Company's financial reports, the heads of the corporate control functions and the head of the Safety and Protection function;
drafting the remuneration and incentive policy to be submitted to the Shareholders' Meeting, and establishing remuneration and incentive systems for top managers;
approving and amending the main internal regulations;
approving the Consolidated Non-financial Statement;
making decisions concerning i) the purchase and sale of equity investments amending the composition of the Banking Group, as well as the investments considered strategic under the supervisory regulations or according to the plans and policies adopted by the Board, ii) the purchase, sale, contribution of firms, business lines, assets and legal relationships identified en bloc under Article 58 of the Consolidated Law on Banking which are deemed strategic under the above criteria, iii) the investments and divestments, including real estate, deemed to be strategic under the above criteria and, in any case, iv) transactions of the kind indicated in the previous points which exceed, individually, the value of 3% of the total own funds of the Company's consolidated supervisory capital;
- nominating the members of the subsidiaries' corporate bodies, including Executive Directors.
The Board is empowered to approve the strategic guidelines and policies on sustainability (ESG), including the social and cultural responsibility model and the fight against climate change – taking into account the objectives of solid and sustainable value creation and distribution for all stakeholders. In this regard, the Board of Directors' Regulations state that Directors have a duty to contribute to creating value for shareholders with a medium-/long-term sustainability focus, also taking into account the interests of other relevant stakeholders for the Company, in accordance with the principles of sound and prudent management of the Bank and with the reference principles and values adopted by the Bank. P. I

R. 2

P. XVI P. XVII

R. 1 e)

R. 1 a) c) d) f)

It is also noted that Intesa Sanpaolo has always been at the forefront of sustainability, a commitment that has been also confirmed in the 2022-2025 Business Plan. The Bank has received a number of awards for the initiatives put in place.

For the eleventh consecutive year, Intesa Sanpaolo was the only Italian bank to be included in the Dow Jones Sustainability World Index and Dow Jones Sustainability Europe Index, which are among the most important sustainability stock market indices in the world and in Europe. This recognition confirms Intesa Sanpaolo's status as one of the most active groups in the world on ESG (Environment, Social, Governance) issues for sustainable development and in support of SDGs (Sustainable Development Goals).

Intesa Sanpaolo was moreover confirmed as the best European bank and best Italian company for relations with financial analysts and institutional investors and for ESG issues according to the 2021 ranking by specialised research company Institutional Investor.

For further details, see the Consolidated Non-financial Statement published on the Bank's website.

Furthermore, the Board of Directors may assign specific duties to its members; upon proposal of the Managing Director, the Board of Directors may also grant Executives, branch managers or other personnel specific powers to perform certain activities or categories of acts and business activities, establishing the content, limits and methods of performance of such powers and determining when the delegated persons may act separately, jointly or as part of committees.

The Board periodically assesses the general development of operations, also upon presentation of the financial data of the Company and the Group, taking into account, in particular, the information received from the Managing Director and periodically comparing actual with expected results. The Board also assesses the adequacy of the Company's organisational, management and accounting structure.

Composition of the Board of Directors

Powers of the Board of Directors

Association and to its Regulations:

and advisory duties;

capital;

first-level organisational structure;

approves the accounting and reporting systems;
ensures effective dialogue with the key function holders.

• approving and amending the main internal regulations; • approving the Consolidated Non-financial Statement;

ILAAP);

P. I P. II

R. 4

R. 1 a) c) d) f)

R. 2

P. XVI P. XVII

R. 1 e)

P. I

The Board of Directors is responsible for corporate management. The Board may therefore undertake all transactions considered necessary, useful or appropriate to achieve the corporate purpose, relating to both ordinary and extraordinary administration. The Board has guidance and strategic supervision duties over the Company and the duty to pass resolutions on all the most important corporate actions. With regard to its corporate management duties, the Board, without prejudice to the powers reserved for it, delegates to the Managing Director the necessary and appropriate powers to ensure consistency in day-to-day management, in implementation of the guidelines decided by the same Board. The Board determines the content, limits and methods of exercise of the powers granted to the Managing Director

In performing its strategic supervision duties, the Board of Directors, pursuant to the Articles of

defines and approves the business model, strategic guidelines and risk appetite, and thus approves the Risk Appetite Framework, the Company and Group strategic, business and financial plans and
defines and approves the Company and Group risk governance objectives and policies, as well as the general guidelines for the capital and liquidity adequacy assessment process (ICAAP and
defines the overall governance structure and approves the Company's organisational structure; identifies the information flows required to ensure the full circulation of information within the Board and the information flows to Bodies and Committees, including from the corporate departments;

Moreover, the Board of Directors has exclusive responsibility over the following matters, among others: • appointing and removing the Managing Director and General Manager, granting, modifying or

• appointing and removing the members of the Board Committees set up in accordance with the Articles of Association, including their Chair, and setting up any other Board Committees with inquiry

• setting up the Steering Committee and additional Management Committees, as provided for by the

• appointing and removing the Manager responsible for preparing the Company's financial reports, the heads of the corporate control functions and the head of the Safety and Protection function; • drafting the remuneration and incentive policy to be submitted to the Shareholders' Meeting, and

• making decisions concerning i) the purchase and sale of equity investments amending the composition of the Banking Group, as well as the investments considered strategic under the supervisory regulations or according to the plans and policies adopted by the Board, ii) the purchase, sale, contribution of firms, business lines, assets and legal relationships identified en bloc under Article 58 of the Consolidated Law on Banking which are deemed strategic under the above criteria, iii) the investments and divestments, including real estate, deemed to be strategic under the above criteria and, in any case, iv) transactions of the kind indicated in the previous points which exceed, individually, the value of 3% of the total own funds of the Company's consolidated supervisory

• nominating the members of the subsidiaries' corporate bodies, including Executive Directors.

The Board is empowered to approve the strategic guidelines and policies on sustainability (ESG), including the social and cultural responsibility model and the fight against climate change – taking into account the objectives of solid and sustainable value creation and distribution for all stakeholders. In this regard, the Board of Directors' Regulations state that Directors have a duty to contribute to creating value for shareholders with a medium-/long-term sustainability focus, also taking into account the interests of other relevant stakeholders for the Company, in accordance with the principles of sound and prudent management of the Bank and with the reference principles and values adopted by the Bank.

and establishes how the he/she must report back to the Board on the delegated activities.

any amendments thereof, also taking into account the sustainability (ESG) policies;

defines and approves the guidelines of the Company and Group internal control system;
oversees the Company and Group public disclosure and reporting process;

terminating their powers and establishing the remuneration for this office;

establishing remuneration and incentive systems for top managers;

Composition, diversity and appointment

The Board of Directors is composed of a minimum of 15 to a maximum of 19 members, who need not be Shareholders, appointed by the Shareholders' Meeting on the basis of slates submitted by Shareholders. Within the Board, the Management Control Committee is composed of 5 Directors, also appointed directly by the Shareholders' Meeting, in line with the Regulatory Provisions.

A key choice made was to ensure that the Board has a large majority of independent directors and appoints a single Managing Director and CEO, while no other directors may hold executive offices and the Board may not delegate its duties to an executive committee.

The less-represented gender must currently make up at least one third of the total members, as established by applicable regulations on equal access to the management and control bodies of listed companies and by the recommendations of the Corporate Governance Code.

At the next renewal of the Board of Directors, the new gender quota of 2/5 of members, set out in the Articles of Association, will be respected.

In accordance with the Articles of Association, at least four members shall be enrolled with the Register of Statutory Auditors and shall have practised as auditors or acted as members of a limited company control body for at least three years.

P. II R. 1 b) and d)

The Board in office at the date of publication of this Report is composed of 17 Directors elected by the Shareholders' Meeting of 30 April 2019 and one Director elected by the Shareholders' Meeting of 27 April 20201:

Gian Maria Gros-Pietro	Chairman
Paolo Andrea Colombo	Deputy Chairperson
Carlo Messina	Managing Director
Franco Ceruti	Director
Rossella Locatelli	Director
Luciano Nebbia	Director
Bruno Picca	Director
Livia Pomodoro	Director
Maria Alessandra Stefanelli	Director
Guglielmo Weber	Director
Daniele Zamboni	Director
Maria Mazzarella	Director
Anna Gatti	Director
Fabrizio Mosca	Director
Milena Teresa Motta	Director
Maria Cristina Zoppo	Director
Alberto Maria Pisani	Director
Roberto Franchini2	Director

The detailed composition of the Board is shown in Part IV, Table 1, of the Report. The Bank website ("Governance" section) provides brief biographical and professional notes on the Directors in office.

In line with the Supervisory Provisions, for the purpose of appointing or co-opting the Directors, the Board of Directors identifies its optimal qualitative and quantitative composition, including, among other things, an adequate level of diversification of the members also in terms of age, gender, geographical origin and skills.

Art. 123 bis (2), (d)-bis, CLF

In this regard, the Articles of Association specify that the Board shall take the necessary measures to ensure that each Director and the Board as a whole are constantly adequate in terms of diversity, including of experience, gender and international orientation, and in terms of competence, fairness, reputation, independence of mind and time commitment.

R. 23

P. VII

The Board currently in office was appointed in compliance with the guidelines on the Board's composition and diversity issued by the outgoing Board at the time of the 2019 renewal in the document on the qualitative and quantitative composition of the Board of Directors approved on 26 February 2019. The document expressly required shareholders to ensure, within the Board, the widest possible gender diversity, the presence of adequate professional skills and age diversity, as well as a wide range of

knowledge and experience. With specific reference to the adequacy and diversity of the professional profiles required, the set of very good or distinctive expertise, knowledge and skills – with a very wide, medium-wide or limited distribution – considered appropriate to achieve the optimal qualitative composition of the new Board of Directors was outlined in a "Skills Directory".

Following the renewal of the Bodies in 2019 and the appointment of two new Directors in April 2020, the characteristics declared by the Directors were assessed by the Board of Directors as appropriately diversified and suitable to ensure adequate Board composition and a well-balanced composition of the Board Committees.

¹ Director Andrea Sironi resigned from office, effective 28 February 2022.

² Appointed by the Shareholders' Meeting on 27 April 2020 replacing Corrado Gatti, who resigned from office as of 2 March 2020.

R. 8

With regard to gender diversity, Intesa Sanpaolo guarantees full compliance with the gender quotas provided for by the legislation, as indicated above. Furthermore, in the current structure of the Board, the female gender is represented within all the Board Committees, makes up the majority of the members of the Committee for Transactions with Related Parties and has the chairmanship of the Risks Committee and the Nomination Committee.

Within the Board Committees, there is also a qualified representation of minorities: all the Committees have one director elected by the minority, while the Committee for Transactions with Related Parties has two, one of whom is the Chair.

All committees have at least 3 members others than those sitting on other committees.

The annual self-assessment also confirmed compliance with the diversity guidelines.

Gian Maria Gros-Pietro Chairman Paolo Andrea Colombo Deputy Chairperson Carlo Messina Managing Director Franco Ceruti Director Rossella Locatelli Director Luciano Nebbia Director Bruno Picca Director Livia Pomodoro Director Maria Alessandra Stefanelli Director Guglielmo Weber Director Daniele Zamboni Director Maria Mazzarella Director Anna Gatti Director Fabrizio Mosca Director Milena Teresa Motta Director Maria Cristina Zoppo Director Alberto Maria Pisani Director Roberto Franchini2 Director

The detailed composition of the Board is shown in Part IV, Table 1, of the Report.

reputation, independence of mind and time commitment.

The Bank website ("Governance" section) provides brief biographical and professional notes on the

In this regard, the Articles of Association specify that the Board shall take the necessary measures to ensure that each Director and the Board as a whole are constantly adequate in terms of diversity, including of experience, gender and international orientation, and in terms of competence, fairness,

With specific reference to the adequacy and diversity of the professional profiles required, the set of very good or distinctive expertise, knowledge and skills – with a very wide, medium-wide or limited distribution – considered appropriate to achieve the optimal qualitative composition of the new Board of

² Appointed by the Shareholders' Meeting on 27 April 2020 replacing Corrado Gatti, who resigned from office as of 2 March 2020.

April 20201:

Directors in office.

origin and skills.

Art. 123 bis (2), (d)-bis, CLF

P. VII R. 8

R. 23

P. VII

knowledge and experience.

Board Committees.

Directors was outlined in a "Skills Directory".

¹ Director Andrea Sironi resigned from office, effective 28 February 2022.

In accordance with the Articles of Association, the procedure for appointing Directors is based on slates of candidates prepared by Shareholders, in line with the legislation for listed companies. The Board of Directors is not entitled to submit a slate of candidates.

The election system defined in the Articles of Association is based on a majority principle, balanced by the appointment of a share of Directors and members of the Management Control Committee on a proportional basis.

This mechanism ensures adequate representation of minority shareholders within the Corporate Bodies, through the submission of slates of candidates to the Shareholders' Meeting at the time of Board renewal and also for the replacement of any individual outgoing Board Members.

The minority shareholders are thus given the option to elect, within both the Board and the Management Control Committee, a number of Directors well above that required by the legislation.

This solution creates a governance structure in line with international standards and makes full use of the slate election system, provided for by Italian law, allowing the minorities to appoint Directors as well as members of the Management Control Committee.

Moreover, the minority slate not connected with the majority shareholders that obtains the highest number of votes in the Shareholders' Meeting is given the option to appoint, in addition to the Chairman of the Management Control Committee, also a second Member of the same Committee, to further strengthen the level of protection of the minorities within the control body.

The slates, containing between a minimum of 2 and a maximum of 19 names, must comprise two sections: the first section with the names of the candidates for the position of Director and the second with the names of the candidates for the position of Director and member of the Management Control Committee.

At the time of election, all Board Members are drawn from the majority slate, except for 5 or 4 Directors, depending on their total number. Moreover, three Directors from the majority slate are also appointed to the Management Control Committee. Among the Directors appointed from the minority slates, two are in any case taken from the minority slate that obtained the second highest number of votes (first minority slate) and that has no connection with the majority, as required by the legislation. The first of said Directors is appointed Chairman of the Management Control Committee. The other Board Members are drawn proportionately from slates other than the one that obtained the highest number of votes, also including the first minority slate, provided that such slates, taken as a whole, obtained votes at least equal to 10% of the ordinary share capital represented at the Shareholders' Meeting.

Where it is necessary to complete the composition of the Board upon the outcome of the proportional division, all the other additional Directors are drawn from the slate that obtained the highest number of votes, until it is exhausted.

The appointment procedure ensures that the Board composition is in line with the requirements of professionalism, independence and gender balance.

The Articles of Association establish a supplementary mechanism whereby a candidate not meeting the requirements is replaced by the candidate who meets the requirements and is drawn from the same slate as the excluded candidate. If there are not enough candidates on the slate for that purpose and in any other case in which the established criteria do not make it possible to appoint all Directors in compliance with the necessary requirements, the missing Directors are appointed by the Shareholders' Meeting with replacement procedures that make it possible to meet all necessary requirements.

Art. 123 bis (1), (l), CLF R. 19 d) P. XIII

If only one slate of candidates is submitted, the Board Members are chosen from that slate, up to the number of candidates it contains, drawing from the second section of the slate all the members of the Management Control Committee. In this case, the office of Chairman of the Committee is awarded to the first candidate in the ranking of the second section of the slate.

In the absence of slates, the Shareholders' Meeting elects the Directors and the Management Control Committee members by relative majority of the capital represented at the Shareholders' Meeting, subject to compliance with the requirements established by the applicable legislation and the Articles of Association. In this case, the Shareholders' Meeting shall appoint the Chairman of the Committee when appointing the Committee members.

The Shareholders' Meeting elects the Chairman of the Board of Directors and one or more Deputy Chairpersons by relative majority.

For additional information on the appointment of Board Members, see the relevant provisions of the Articles of Association.

R. 23

In view of the next renewal of the Corporate Bodies, on the agenda of the Shareholders' Meeting called to approve the 2021 financial statements, the outgoing Board of Directors, in line with the criteria adopted by the same Board and set out in the applicable legislation, issued its own guidelines on the optimal qualitative and quantitative composition of the bodies

taking into account the results of the self-assessment, including the candidates' competence profile;
identifying and justifying the professional characteristics and suitability qualifications deemed adequate to the purpose, as well as the diversity criteria, including gender diversity, to ensure appropriate overall composition; and
specifying the minimum time required for performing the various offices within the Board.

The document will be published on the Company's website suitably in advance of the publication of the Shareholders' Meeting notice of call.

Term of office, replacement and removal

Directors remain in office for three financial years until the date of the next Shareholders' Meeting called to approve the financial statements and the proposal for allocation of net income in accordance with Article 2364 of the Italian Civil Code, and may be re-elected.

The term of office of the current Board Members covers the years 2019/2020/2021. The Board Members will end their term simultaneously on the date of the Shareholders' Meeting called pursuant to the aforementioned Article 2364 of the Italian Civil Code to approve the financial statements and the proposal for allocation of net income for 2021.

In the event that a Director ceases to hold office, the Board of Directors, with the support of the Nomination Committee, may replace the outgoing Director by co-option, in compliance with the requirements of the Articles of Association, provided that the majority continues to consist of Directors appointed by the Shareholders' Meeting. In the event that the Chairman of the Board of Directors ceases to hold office early, the Chairman's functions shall be exercised by the Deputy Chairperson until the date of the next Shareholders' Meeting for the appointment of the new Chairman.

If a member of the Management Control Committee ceases to hold office, the first non-elected member from the second section of the slate to which the previous member belonged – meeting the requirements – shall take up the position or, if the substitute thus identified fails to meet the requirements applicable under law, regulations or the Articles of Association to the outgoing member, the latter shall be replaced by the subsequent non-elected candidate from the second section of the same slate that satisfies said requirements. If, for whatever reason, it is impossible to find a replacement using these criteria, the member of the Management Control Committee who has ceased to hold office shall be replaced by the Shareholders' Meeting that will be called without delay.

If the Chairman of the Committee ceases to hold office, he/she shall be replaced by the second ranked member from the same slate as the outgoing Chair.

The new members of the Management Control Committee and the members appointed by the Board by co-option shall hold office until the next Shareholders' Meeting.

P. V

R. 4

R .34

Art. 123-bis (2) (d) CLF

The Shareholders' Meeting called for the appointment of new Directors to replace those who ceased to hold office shall make the appointment in accordance with the principle of necessary representation of minorities, gender balance and the other requirements under the applicable legislation and the Articles of Association.

All Directors and members of the Management Control Committee may be removed by the Shareholders' Meeting at any time, without prejudice to the Directors' right to be indemnified if they are removed without just cause. However, in light of the guarantee and control functions of the Management Control Committee and pursuant to the Articles of Association, the proposal to remove one or more Committee members submitted to the Shareholders' Meeting by the Board or the Committee itself must be duly reasoned and adopted with a more thorough decision-making procedure. The removal of a member of the Management Control Committee also entails said member's removal from the Board.

Chairman and Deputy Chairperson

The Shareholders' Meeting elects the Chairman of the Board of Directors and one or more Deputy

For additional information on the appointment of Board Members, see the relevant provisions of the

taking into account the results of the self-assessment, including the candidates' competence

identifying and justifying the professional characteristics and suitability qualifications deemed adequate to the purpose, as well as the diversity criteria, including gender diversity, to ensure

specifying the minimum time required for performing the various offices within the Board. The document will be published on the Company's website suitably in advance of the publication of the

If the Chairman of the Committee ceases to hold office, he/she shall be replaced by the second ranked

The new members of the Management Control Committee and the members appointed by the Board by

date of the next Shareholders' Meeting for the appointment of the new Chairman.

the first candidate in the ranking of the second section of the slate.

optimal qualitative and quantitative composition of the bodies

Article 2364 of the Italian Civil Code, and may be re-elected.

appropriate overall composition; and

appointing the Committee members.

Chairpersons by relative majority.

Shareholders' Meeting notice of call.

Term of office, replacement and removal

proposal for allocation of net income for 2021.

Shareholders' Meeting that will be called without delay.

co-option shall hold office until the next Shareholders' Meeting.

member from the same slate as the outgoing Chair.

Articles of Association.

R. 23

Art. 123-bis (1), (l), CLF P. XIII

profile;

The Shareholders' Meeting held on 30 April 2019 elected by a relative majority the Chairman of the Board of Directors, Gian Maria Gros-Pietro, and a Deputy Chairperson, Paolo Andrea Colombo.

The Chairman has a non-executive role and does not carry out, not even de facto, management functions.

In light of the current governance model and the duties assigned to the Chairman by the Articles of Association and detailed in the Regulations of the Board of Directors, the Chairman plays a leading role in the Bank, enhanced by distinguished authority, skill and time commitment.

The Chairman oversees the work of the Board, organises and directs its activity and performs all the tasks envisaged by the supervisory legislation and the Articles of Association.

In keeping with the prerogatives attributed to the role, the Chairman thus ensures the proper functioning of the Board of Directors, fosters internal dialogue and ensures the balance of power.

In this context, the Chairman, among his various duties: i) promotes and supervises the actual functioning of the corporate governance system, including with regard to internal and external communications, while also liaising with the Board Committees on which he does not sit, and ensures the balance of power with particular reference to the delegated day-to-day management powers; ii) maintains the necessary and appropriate relations with the Managing Director; iii) requests and receives information also on specific aspects of the Company's and the Group's operations and on business performance in general, also in terms of business outlook, in any event having access to all corporate functions to this end; iv) supervises relations with Shareholders, verifying that such relations are managed correctly, in agreement with the Managing Director; v) manages relations with the Supervisory Authorities.

In urgent cases, the Chairman or, in the case of his absence or impediment, the Deputy Chairperson or the most senior Director, based on a binding proposal of the Managing Director, may make decisions on any matters within the powers of the Board of Directors, with the exception of strategic matters or those which may not be delegated and are reserved for the Board.

At the meeting held on 2 May 2019, the Board of Directors invited Professor Giovanni Bazoli to continue his collaboration and perform equivalent duties to those attributed to him with the role of President Emeritus, establishing that the Chairman and the Managing Director may consult him on certain institutional issues, specifically relating to the culture and artistic heritage sector.

Managing Director

The Board of Directors shall elect, with a qualified majority, from among its members - excluding the Chairman of the Board, the members of the Management Control Committee and the minimum number of Independent Directors - a Managing Director vested with the powers related to the Company's dayto-day management.

At the meeting held on 2 May 2019, the Board of Directors, in continuity with the previous mandate, unanimously confirmed the appointment as Managing Director and CEO of Carlo Messina, who was granted the necessary and appropriate powers to ensure consistency in day-to-day management, in implementation of the guidelines decided by the Board.

The Managing Director is the CEO and General Manager and supervises the company's management to the extent of his assigned powers, in compliance with the general planning and strategic guidelines

P. X R. 12 a), b), c)

set forth by the Board. He/she determines and issues operational directives and is responsible for personnel management. Within the scope of his/her competences, the Managing Director may submit proposals for resolutions to the Board, without prejudice to the powers to make proposals held by all other Directors and to the powers within the remit of the Board Committees, as defined by the applicable legislation and the Articles of Association.

The Managing Director implements the resolutions of the Board of Directors; this includes in particular implementing the strategic guidelines, the Risk Appetite Framework and the risk governance policies defined by the Board.

He/she shall also ensure that the organisational, management and accounting structure as well as the internal control system are appropriate to the nature and size of the company and suited to furnishing a proper representation of operations.

In performing his/her functions, the Managing Director relies first and foremost on support from the Steering Committee and secondly from the other Managerial Committees, reference to which is made in a specific paragraph below.

In urgent cases, the Managing Director may propose that the Chairman resolve on any matters pertaining to the Board (except for strategic matters or those that cannot be delegated); again, in urgent cases and on an exclusive basis, the Managing Director shall resolve on lending matters.

In the event of absence or impediment of the Managing Director, the powers as General Manager are exercised with joint signatures by the Chief Financial Officer and the Chief Governance Officer.

The general guidelines of the processes, rules and methodologies relating to the succession of the Group's main management positions are set out in the Group's "Strategic Succession Planning", approved by the Board of Directors and drawn up with the support of a leading consultancy firm.

With regard to the succession plans for the Managing Director and General Manager, the Board of Directors has tasked the Nomination Committee to support the Board, in coordination with the Chairman, in designing the succession process. This process has been incorporated into the internal regulations adopted by the Board on the assessment of the suitability requirements for office and of the overall adequacy of the Body.

Suitability requirements

In order to ensure the sound and prudent management of the Company and the proper functioning of the Board of Directors as a whole, the Board Members must meet the suitability requirements for the office as established by the applicable legislation and the Articles of Association.

Specifically, Board Members must meet the professionalism and integrity requirements and comply with the criteria of competence, reputation and fairness and time commitment, and the specific limitation of directorships laid down by the applicable legislation and in any event those set out in the CRD IV Directive, for the performance of the office of director of a bank issuing shares listed in regulated markets, and the prohibition of interlocking directorates provided for by Article 36 of Italian Law Decree No. 201/2011, converted by Law No. 214/2011.

Moreover, taking into account the corporate governance model and the characteristics of the Bank in terms of size and operations, the Articles of Association set out specific additional requirements for Board Members and, particularly, for members of the Management Control Committee (for more details, see the next chapter dedicated to this Committee).

The suitability requirements for the exercise of the office laid down in the applicable legislation and the Articles of Association for the Directors must be verified within 30 days of the nomination and must be subject to specific and continuous monitoring.

Specifically, the Board assesses the suitability requirements for the office of all Directors, except for the members of the Management Control Committee, who are assessed by the Committee itself.

Where appropriate, the Board shall disqualify or suspend any Directors who are unable to prove that they meet the established requirements, in the cases provided for in applicable legislation. For the

P. V P. XII

P. XIII R. 24

members of the Management Control Committee, any declaration of disqualification from office is issued by the Committee itself.

The assessment of suitability carried out by the Board is subject to a specific supervisory power exercised by the Banking Supervisory Authority.

The rules on the suitability requirements for the office of bank management body members have been revised by Ministerial Decree No. 169 of 23 November 2020, implementing Article 26 of the Consolidated Law on Banking transposing Directive 2013/36 (CRD IV). The revised rules apply to appointments after 30 December 2020; hence, for Intesa Sanpaolo, they apply to the renewal of the Bodies for the years 2022/2023/2024.

In this regard, the EBA, the ESMA and the ECB have issued detailed guidelines on the requirements to be met by Directors in terms of integrity, competence, independence and time commitment (Guidelines on the assessment of the suitability of members of the management body and key function holders of banks and financial intermediaries, updated in July 2021, and the ECB's Guide to fit and proper assessments, last updated in December 2021).

Additional conditions for undertaking the office and for assessing the suitability of the members of the Corporate Bodies were also defined by the Supervisory Provisions on corporate governance and by the Provisions on the procedure for assessing the suitability of bank management body members (Measure of 4 May 2021). Taking into account the guidelines of the Regulatory and Supervisory Authorities, the Board of Directors has adopted specific criteria and rules for examining and assessing the suitability requirements for Board Members and the overall adequacy of the Board. These criteria were updated in February 2022 with effect from the next renewal of the bodies scheduled for spring 2022.

According to the internal regulations, each Director is required to submit to the Board of Directors the declarations and documentation proving that he/she meets the suitability requirements and demonstrating the absence of grounds for incompatibility, and to communicate any changes.

Following the renewal of the Bodies in 2019 and the appointment of two new Directors in 2020, the Board and the Management Control Committee, each within the scope of their responsibility, successfully conducted the process of ascertaining all the necessary suitability requirements for the office. The Board also assessed the overall compliance of its qualitative and quantitative composition with the recommendations made by the outgoing Board of Directors (see document published on the Bank's website at the time of the appointment of the Bodies currently in office).

The assessment of the Board Members' compliance with requirements was also repeated when preparing this Report.

Below is a summary of the details of the independence requirements and the limitation of directorships of Board Members, as currently applicable, with a focus on board induction.

Independence requirements: Independent Directors

In performing his/her functions, the Managing Director relies first and foremost on support from the Steering Committee and secondly from the other Managerial Committees, reference to which is made

In urgent cases, the Managing Director may propose that the Chairman resolve on any matters pertaining to the Board (except for strategic matters or those that cannot be delegated); again, in urgent

In the event of absence or impediment of the Managing Director, the powers as General Manager are

In order to ensure the sound and prudent management of the Company and the proper functioning of the Board of Directors as a whole, the Board Members must meet the suitability requirements for the

Specifically, the Board assesses the suitability requirements for the office of all Directors, except for the

members of the Management Control Committee, who are assessed by the Committee itself.

office as established by the applicable legislation and the Articles of Association.

cases and on an exclusive basis, the Managing Director shall resolve on lending matters.

exercised with joint signatures by the Chief Financial Officer and the Chief Governance Officer.

legislation and the Articles of Association.

proper representation of operations.

in a specific paragraph below.

adequacy of the Body.

P. XIII R. 24

P. V P. XII Suitability requirements

No. 201/2011, converted by Law No. 214/2011.

see the next chapter dedicated to this Committee).

subject to specific and continuous monitoring.

defined by the Board.

All Board Members act with independence of mind and awareness of the duties and rights inherent to the office, in the interest of the sound and prudent management of the Bank and in compliance with the law and any other applicable rules.

Under the Articles of Association, at least two thirds of the Directors must meet the independence requirements established in the Articles of Association.

To this end, Intesa Sanpaolo, in addition to applicable regulatory provisions, has included in its Articles of Association a particularly strict independence requirement which provides that Independent Directors must meet both the conditions under Article 2 of the Corporate Governance Code and the independence requirements for statutory auditors under Article 148, paragraph 3, of the Consolidated Law on Finance, where these are more restrictive.

The decision made in the Articles of Association to require such a large number of Independent Directors reflects the Bank's awareness of the undeniable value of the role played by these Directors and helps to ensure that the composition of Board Committees is in line with best international practices. In particular, both the Management Control Committee and the Committee for Transactions with Related Parties are entirely composed of Independent Directors, while the other Committees have a majority of independent members. Furthermore, the Articles of Association provide that the Committees are always chaired by Independent Directors.

When they accepted their candidature, 14 Directors declared that they met the independence requirements laid down in the Articles of Association. The Board of Directors verified the independence requirements following the appointment of the 14 Directors concerned, announcing the outcome of the assessment in a press release. This assessment was renewed positively in view of the approval of this Report, based on the statements made by the parties concerned, the information available to the Bank, as well as the criteria adopted by the Board, to evaluate the relevance of the financial, professional and commercial relations entertained by the Directors with the Intesa Sanpaolo Group.

In order to assess the relevance of a financial relationship with the Intesa Sanpaolo Group, specific relevance indicators were applied, concerning:

i. the amount of the shareholding in the capital of Intesa Sanpaolo or a subsidiary;
ii. the amount of the shareholding of a company belonging to the Intesa Sanpaolo Group in the capital of the company in question;
iii. the extent of the nominal credit exposure;
iv. the rating assigned to the customer based on the corporate rules.

The indicators differ according to the degree of proximity of the relationship to the Director (direct relationships, with subsidiaries, with companies in which executive offices are held); if specific monitoring and attention thresholds are exceeded, additional weighing criteria are applied to each exposure according to the risks associated with it and its position with respect to the system, as detailed in the specific internal regulations adopted by the Board.

To assess the relevance of a business or professional relationship with Intesa Sanpaolo or another subsidiary, the Board of Directors considers the total amount of annual turnover resulting from relationships with companies of the Intesa Sanpaolo Group as the main relevance indicator for the relationship.

For all the relationships reported, when specific pre-set thresholds are exceeded, the Board of Directors may assign different areas of assessment, within which the specific characteristics of the relationship are analysed. For each assessment area, a risk control measure of increasing intensity or a reasoned assessment of the continued compliance with the independence requirement is required.

The Board also takes into account the relevance of other situations that may be useful to assess the Directors' financial, business and professional relationships with the Intesa Sanpaolo Group. These situations include any disputes that have given rise to legal proceedings between the Director and the Bank or another Group Company.

The situations reported are assessed according to specific materiality thresholds.

In this regard it is noted that, at the date of approval of this Report, the following 14 Directors were found to have met the independence requirements laid down in the Articles of Association: Paolo Andrea Colombo, Andrea Sironi, Rossella Locatelli, Livia Pomodoro, Maria Alessandra Stefanelli, Guglielmo Weber, Daniele Zamboni, Maria Mazzarella, Anna Gatti, Fabrizio Mosca, Milena Teresa Motta, Maria Cristina Zoppo, Alberto Maria Pisani and Roberto Franchini3.

The members of the Management Control Committee, also in their capacity as Board Members, positively assessed the correct application of the assessment criteria and procedures adopted by the Board of Directors to assess the independence of the said 14 Directors.

The Articles of Association govern the effects of the loss of the independence requirements. In particular, the loss of the requirement in the case of a Director, who is not also a member of the Management Control Committee, does not result in his/her disqualification from office if the minimum number of Directors satisfying the necessary requirements is met. However, this is without prejudice to the cessation from those offices for which said requirement is mandatory under applicable regulations or the Articles of Association.

The Board Regulations provide that Independent Directors shall meet without the other members at least once a year to discuss issues of interest to the functioning of the Board and corporate management. In 2021 and up to the date of approval of this Report, the Independent Directors met once. The meetings are chaired by Independent Director Livia Pomodoro, who also calls the meetings, ensures they are recorded in minutes and reports to the Board at its next meeting. Under the Board Regulations, an Independent Director may be formally appointed as lead independent director if requested by a majority of the Independent Directors.

³ Director Andrea Sironi resigned from office, effective 28 February 2022.

P. XII

R. 15

Management or control positions of Directors and time commitment

Each Director is responsible for examining and assessing the conditions which enable him/her to perform his/her duties diligently and with appropriate time commitment, also with regard to membership of Board Committees.

The members of the Corporate Bodies are required to devote appropriate time to the performance of their office at the Bank and to confirm this availability in writing.

The Intesa Sanpaolo's Articles of Association incorporate the guidelines of the CRD IV Directive and national banking legislation concerning limitation of directorships, designed to ensure maximum time commitment to the office held.

The Directors may thus concurrently hold only one of the following combinations of directorship offices: a) one executive directorship with two non-executive directorships;

b) four non-executive directorships.

In order to assess the relevance of a financial relationship with the Intesa Sanpaolo Group, specific

ii. the amount of the shareholding of a company belonging to the Intesa Sanpaolo Group in the capital

The members of the Management Control Committee, also in their capacity as Board Members, positively assessed the correct application of the assessment criteria and procedures adopted by the

assessment of the continued compliance with the independence requirement is required.

The situations reported are assessed according to specific materiality thresholds.

commercial relations entertained by the Directors with the Intesa Sanpaolo Group.

i. the amount of the shareholding in the capital of Intesa Sanpaolo or a subsidiary;

iv. the rating assigned to the customer based on the corporate rules.

relevance indicators were applied, concerning:

iii. the extent of the nominal credit exposure;

in the specific internal regulations adopted by the Board.

Cristina Zoppo, Alberto Maria Pisani and Roberto Franchini3.

requested by a majority of the Independent Directors.

Director Andrea Sironi resigned from office, effective 28 February 2022.

Board of Directors to assess the independence of the said 14 Directors.

of the company in question;

Bank or another Group Company.

the Articles of Association.

R. 5, last paragraph R. 13 R. 14

relationship.

R. 6 R. 7 R. 10

To this end, the following shall be considered as one single directorship:

a) executive or non-executive directorships held within the same Group;

b) executive and non-executive directorships held within: (i) entities that are members of the same institutional protection scheme provided that the conditions of Article 113(7) of the Capital Requirements Regulation (CRR) are fulfilled or (ii) undertakings (including non-financial entities) in which the entity holds a qualifying interest.

Furthermore, by virtue of the rules on interlocking directorates (Article 36 of Italian Law Decree No. 201/2011, converted by Law No. 214/2011), Directors cannot accept or exercise offices in the management, supervisory or control bodies of competing companies or groups of companies operating in the credit, insurance or financial markets.

The Directors holding offices that are covered by the prohibition must inform the Board of the option exercised within 90 days of their appointment. If the option is not exercised by said deadline, the Director in question must attest to the Board that the offices held do not give rise to situations of incompatibility pursuant to the abovementioned Article 36, stating the reasons in detail.

Directors are required to re-attest each year that they do not hold offices in the management, supervisory or control bodies of competing companies or groups of companies, to allow the plenary meeting of the Board to perform its annual assessment. The assessment was concluded with a positive outcome also with reference to the 2021 financial year, prior to the approval of this Report.

Directors are required to inform the Bank of any office they hold in other companies and institutions. Table 2 of Part IV of this Report lists the management or control offices that the Board Members have stated they hold.

For the sake of completeness, it should lastly be specified that Directors cannot act in the capacity of general partners in competing companies, or engage themselves in a competing business on their own account or on behalf of third parties, or take the office of directors or general managers in competing companies, unless authorised by the Shareholders' Meeting (Article 2390 of the Italian Civil Code).

It should be noted that the Board of Directors, in the February 2019 document on the optimal qualitative and quantitative composition of the Board, quantified and disclosed the minimum time required for the performance of the various offices within the Board.

Taking these indications into account, all the Directors have consistently confirmed the required availability, both at the time of their appointment and during the annual self-assessment, having regard to the overall number of offices held and the professional activities performed.

Board induction

The Board of Directors, with the support of the Nomination Committee, ensures the implementation of the induction plans for Directors. In this context, on the Chairman's instructions and on the basis of the outcomes of the self-assessments, initiatives for Board Members are held to increase their knowledge of the Bank's and the Group's sector of activity, corporate dynamics and development, the principles of sound risk management and the applicable regulatory and self-regulatory framework, as well as formal and informal meetings aimed at further reviewing strategic matters ("ongoing induction").

P. XII

The induction plans are drawn up periodically following (i) the first assessment carried out after appointment and (ii) the self-assessment carried out annually by the Board of Directors. In any event, Directors are given the opportunity to make individual requests for training in a specific area, whenever they consider it necessary.

During the annual self-assessment, the Board, with the support of the Nomination Committee, expresses its opinion on the implementation and quality of the past induction plan, also to help refine the process and strengthen the quality of training.

The induction sessions are organised in a well-structured manner: the Directors are formally invited by the Chairman to take part, they are provided in advance with the relevant documentation and are given the option to connect via videoconference if they are unable to attend in person.

In 2021 and up to the approval of this Report, 8 induction sessions were held to allow the Directors to examine and discuss the various aspects of the Bank's and Group's activity, the applicable regulatory framework and the duties and responsibilities of their office. The induction sessions covered, among other things: the latest developments in the cyber environment and new threat scenarios; the architecture of Intesa Sanpaolo's digital channels; ESG Reporting, Commitment to Net Zero and the Task Force on climate-related Financial Disclosures Report 2020-2021; the evolution of ESG/Climate issues and the Intesa Sanpaolo Group's commitment as part of a dedicated programme; anti-financial crime procedures, market abuse regulation and personal transactions; bank usury; Global Capital Allocation and International Currencies.

In addition, the Board held four informal brainstorming meetings on the drafting process of the 2022/2025 Business Plan, during which the following topics, among others, were discussed in depth: scenario hypotheses for the 2021/2025 period, results of the survey on the new Plan and of the workplace climate analysis conducted on Group people, business model and digital transformation.

Lastly, in order to promote better understanding of the applicable corporate and regulatory framework and its development, a collection of governance documents, regulatory references, key correspondence with the Supervisory Authorities, financial reports and any additional documentation conducive to the performance of their duties is made available to Directors – and regularly updated – through a dedicated IT platform.

Conflicts of interest

Introduction

The Intesa Sanpaolo Group has adopted special measures to manage the risk of possible conflicts of interest arising from the close connections that some parties and entities may have with company decision-makers.

The set of rules and measures adopted is aimed at ensuring that the transactions entered into by the Group are carried out transparently and in line with substantive and procedural fairness criteria and in compliance with the principle of sound and prudent management, in line with corporate law, banking supervisory regulations and Consob provisions.

The management and control measures in place to safeguard the Bank's and the Group's capital against potential conflicts of interest are described below.

Interests of Directors

Any member of the Board of Directors holding an interest, on his/her own account or on behalf of third parties, in a specific Company transaction submitted to the attention of the Board of Directors or the internal Board committee of which he or she is a member shall give timely notice thereof, specifying its nature, terms, origin and scope and, where there is a conflict of interest, he/she shall abstain from the resolution.

The Board of Directors' resolution in favour of the transaction must adequately justify the reasons and convenience thereof for the Company.

The Board always has exclusive jurisdiction over decisions regarding transactions in which the Managing Director has an interest on his/her own account or on behalf of a third party and must therefore abstain from carrying out the transaction, entrusting it to the Board as per Article 2391 of the Italian Civil Code.

In this regard, the Board has adopted a policy for managing situations involving Directors with conflicts of interest.

Furthermore, in accordance with the provisions of the Group's Code of Conduct and the RPT Procedures (see paragraph below), all management body members, employees and other staff, in the performance of their respective duties, must abstain from making decisions and engaging in activities contrary to, or in conflict with, the interests of the Company and/or the Group, or otherwise incompatible with their duties.

The above is in any event without prejudice to the application of the special decision-making procedure set forth in Article 136 of the Consolidated Law on Finance and the regulations regarding transactions with related parties and associated entities, whenever the specific conditions exist.

Transactions with related parties and associated entities and obligations of Board Members and General Managers of the Bank

The RPT Procedures take into account both the regulations issued by Consob, pursuant to Article 2391 bis of the Italian Civil Code, and the Supervisory Provisions implementing Article 53(4) et seq. of the Consolidated Law on Banking, and, in addition, the rules laid down in Article 136 of the Consolidated Law on Banking.

The Procedures, updated in June 2021, apply to the entire Group and govern, with reference to the transactions with related parties of Intesa Sanpaolo and associated entities of the Intesa Sanpaolo Group, the following aspects:

the criteria for identifying related parties and associated entities;
the process of analysis, decision-making and reporting to the Corporate Bodies on transactions executed with related parties and associated entities, with an important role of the Committee of independent directors within the Board of Directors;
market disclosure for transactions with related parties;

The Intesa Sanpaolo Group has adopted special measures to manage the risk of possible conflicts of interest arising from the close connections that some parties and entities may have with company

The management and control measures in place to safeguard the Bank's and the Group's capital against

The Board of Directors' resolution in favour of the transaction must adequately justify the reasons and

the option to connect via videoconference if they are unable to attend in person.

they consider it necessary.

and strengthen the quality of training.

Allocation and International Currencies.

supervisory regulations and Consob provisions.

potential conflicts of interest are described below.

convenience thereof for the Company.

IT platform.

Introduction

Conflicts of interest

decision-makers.

Interests of Directors

resolution.

R. 37 paragraph 1

the prudential limits and obligations for periodic reporting to the Bank of Italy for assets at risk in relation to associated entities;
the rules governing organisational controls and safeguards;
the general rules for disclosure and abstention for the management of the personal interests of board members, employees and other staff, qualifying as associated entities or otherwise.

As a form of self-regulation, the Bank has extended the regulation on transactions with related parties, as well as that on risk assets and conflicts of interest with respect to associated entities to cover a wider scope than that required by the regulations.

A more detailed description of the Group procedures is provided in Part H of the Notes to the Parent Company and consolidated financial statements, available on the Bank's website, where the full text of the Procedures ("Governance"/"Company Documents") is also published.

The Procedures also govern operations with Directors and parties associated to them pursuant to Article 136 of the Consolidated Law on Banking. This rule requires the adoption of a more thorough decisionmaking procedure (unanimous decision by the Board excluding the vote of the Director concerned, and the favourable vote of the Management Control Committee members) in order to allow the Directors to undertake obligations, directly or indirectly, with the Bank.

The Board of Directors' self-assessment

In 2022, the Board of Directors supported by the Nomination Committee, carried out the annual selfassessment of the composition, performance, conduct and dynamics characterising the Board and the Board Committees.

P. XIV R. 21 R. 22

A similar self-assessment was carried out by the Management Control Committee, to which reference is made in the relevant paragraph.

The self-assessment process was performed in accordance with the provisions of the specific Board Regulations, adopted in implementation of the Supervisory Provisions on corporate governance, as well as in light of the recommendations of the Corporate Governance Code.

The Chairman ensures that the self-assessment process is performed effectively, that the manner of its performance is consistent with the complexity of the Board's work and that corrective measures are adopted to remedy any deficiencies identified. R. 12 e)

The self-assessment is also an opportunity for the Board of Directors to assess the adequacy of the governance system chosen by the Company and that it meets the corporate needs.

The Board's self-assessment was performed with the professional assistance of Crisci & Partners, an expert consulting firm which has supported the Bank in the board review process since 2015. This firm was deemed to possess the requirements of neutrality, objectivity, competence and independence envisaged by the Board Regulations. With regard to independence, it is specified that Crisci & Partners has not recently had any economic dealings with the Bank and/or Group companies, except for the previous assignments granted to the firm for its assistance in drafting the guidelines on the Board of Directors' qualitative and quantitative composition, the self-assessment process of the Corporate Bodies and the drawing up of the Regulations on said self-assessment process.

Pursuant to the provisions of the Board Regulations, Crisci & Partners assisted the Board of Directors in the following phases of the self-assessment process:

Information collection: information was gathered on the qualitative-quantitative composition and functioning of the Body. According to the aspects considered, this stage involved the collection of information already available to the Bank, as well as through questionnaires and individual interviews.
Data processing: the information collected during the previous stage was analysed and consolidated, taking care to ensure the anonymity of the Directors.
Preparation of results: Crisci & Partners, after discussing the results of the data processing with the Nomination Committee, and having collectively shared them, formalised the self-assessment results in the document "Results of the Self-assessment of the Board of Directors and of the Board Committees – Financial Year 2021", which summarises the methods used and results achieved.

The self-assessment was conducted on the basis of questionnaires, organised - in relation to the expiry of the mandate conferred to the Bank's Bodies - in two separate parts: the "first part" dedicated to the 2021 Self-Assessment of the composition and operation of the Board of Directors and Board Committees; the "second part" functional to the Guidance to the Shareholders, which the outgoing Board expresses, in view of its renewal, on its quantitative and qualitative composition deemed optimal.

Before conducting the interviews, the consultants from Crisci & Partners appointed to carry them out carefully read all the minutes of the Board of Directors' meetings relating to financial year 2021, including the pre-meeting documentation, as well as, regarding the Board Committees, all the agendas and a large sample of the minutes of the meetings for the same year, including the Committees' pre-meeting documentation, in order to become acquainted with and examine the issues dealt with during the year, the comments expressing the diversified skills within the Body and the discussions held.

The questionnaire, in line with the approach adopted in the board review of the last few years, focused on various areas regarding the composition and operations of the Board and the Board Committees.

The main aspects assessed were the following:

professional skills, in terms of knowledge, experience and competence, of the Board as a whole;
composition and balancing of roles within the Body, with a focus on diversity in terms of age, gender and seniority of service;
existence and adequacy of succession plans in top executive and top management positions;
frequency and quality of induction meetings;
functioning of the body as a whole;
conduct of meetings in terms of frequency, topics discussed, duration, Board attendance and participation methods;
role of the Chairman and the Chief Executive Officer;
composition, functioning and quality of the discussion characterising the individual Board Committees.

P. III R 2

information flows between Bodies;
the Business Plan.

A similar self-assessment was carried out by the Management Control Committee, to which reference

The self-assessment process was performed in accordance with the provisions of the specific Board Regulations, adopted in implementation of the Supervisory Provisions on corporate governance, as well

The self-assessment is also an opportunity for the Board of Directors to assess the adequacy of the

Pursuant to the provisions of the Board Regulations, Crisci & Partners assisted the Board of Directors

Information collection: information was gathered on the qualitative-quantitative composition and functioning of the Body. According to the aspects considered, this stage involved the collection of information already available to the Bank, as well as through questionnaires and individual
Data processing: the information collected during the previous stage was analysed and consolidated,
Preparation of results: Crisci & Partners, after discussing the results of the data processing with the Nomination Committee, and having collectively shared them, formalised the self-assessment results in the document "Results of the Self-assessment of the Board of Directors and of the Board Committees – Financial Year 2021", which summarises the methods used and results achieved.

professional skills, in terms of knowledge, experience and competence, of the Board as a whole; - composition and balancing of roles within the Body, with a focus on diversity in terms of age, gender
existence and adequacy of succession plans in top executive and top management positions;
conduct of meetings in terms of frequency, topics discussed, duration, Board attendance and
composition, functioning and quality of the discussion characterising the individual Board

the comments expressing the diversified skills within the Body and the discussions held.

as in light of the recommendations of the Corporate Governance Code.

and the drawing up of the Regulations on said self-assessment process.

in the following phases of the self-assessment process:

taking care to ensure the anonymity of the Directors.

The main aspects assessed were the following:

frequency and quality of induction meetings;
role of the Chairman and the Chief Executive Officer;
functioning of the body as a whole;

and seniority of service;

participation methods;

Committees.

governance system chosen by the Company and that it meets the corporate needs.

is made in the relevant paragraph.

interviews.

R. 12 e)

P. III R 2

adopted to remedy any deficiencies identified.

For the results of the self-assessment process of the Intesa Sanpaolo Board of Directors and Board Committees please refer to the Overview.

Functioning of the Board of Directors

Calling of meetings

The Board of Directors is called by the Chairman whenever it is deemed useful or necessary, or when a written request is made by the Managing Director or by at least two Directors, therein specifying the agenda items to be dealt with; subject to prior notification to the Chairman, the Board may also be called by the Management Control Committee or by its members, even individually.

The Board appoints a Secretary, who need not be one of its members, evaluating also his or her professionalism and the independence of judgment in relation to the role held. The Secretary supports the Chairman and the Board in performing their respective functions, coordinating all matters necessary to the overall functioning of Board operations and providing assistance and advice to the Board of Directors on all aspects relevant to the proper operation of the corporate governance system. At the meeting held on 2 May 2019, the Board appointed the Head of the Corporate Bodies and Corporate Affairs Head Office Department as Secretary.

The Chairman, upon calling the Board meeting, sets the agenda, also taking into account any requests put forward by the Directors, even individually, and ensuring that priority is given to matters of strategic importance.

The notice of call, containing the agenda of matters to be discussed, must be sent to the Directors at least four days before the date set for the meeting, by any suitable means to provide proof of receipt thereof. In particularly urgent cases, the meeting may be called by simply giving a twelve-hour notice. In any event, a Board meeting will be deemed to be validly constituted when, even in the absence of a formal call, it is attended by all Directors.

Agenda items are grouped by topic areas, in order to ensure their orderly discussion. It is also specified whether the item will be subject to resolution or examined merely for information purposes.

The Board usually alternates between meeting at the Turin registered office and at the Milan secondary registered office or, exceptionally, at another location in Italy. The Articles of Association also provide that Board meetings may be held remotely, provided that the identity of those attending can be verified and that all are able to follow the discussions and intervene in real time on the matters on the agenda as well as to view, receive and transmit documents. This method was widely used starting from March 2020, also taking into account the measures on restricted movement as a result of the epidemic.

Reports to Directors

The Chairman, aided by the Secretary where necessary, ensures that documentation relating to items on the agenda is brought to the attention of all Directors in accordance with criteria of completeness and suitably in advance of the meeting date.

In line with the provisions of the Board Regulations, the documentation regarding the agenda is distributed as a rule four days prior to the meeting to enable all Directors to obtain due background information about each of the agenda items and thus to perform their duties in a knowledgeable manner and contribute to passing informed resolutions on said items; documentation for information purposes can also be sent after this deadline.

R. 11

The documentation made available to the Directors must include everything that is necessary, useful and adequate, in quantitative and qualitative terms, with respect to the subject matters to be discussed.

Where the matters to be resolved on must be submitted in advance to the Board Committees, the Chairman ensures that the documentation is made available to them in the manner and timing indicated in the specific Regulations; subsequently, the Chairman ensures that the documentation in support of the Board's activities includes the opinions or any proposals put forward, on the basis of the records of the minutes of each Committee. The documentation made available to the members of a Board Committee for the performance of the related activities shall also be made available to the other Directors. R. 12 b)
Where the documentation contains price-sensitive elements, the proposing structure shall indicate the assessments performed to guarantee the correct processing of the inside information and full compliance with the disclosure obligations established by law. R. 1 f)
Proposals to the Board are first presented to the Chairman in order to enable the latter to appropriately assess the issues to be placed on the agenda and the adequacy of the information provided to the Directors. R. 12 a)

Particularly lengthy or complex documentation is accompanied by an executive summary recapping the most significant points of relevance for resolutions, without prejudice to the fact that such document is in no way considered a replacement for the complete documentation sent to Directors. The resolution proposed to the Board on each agenda item is set out in a specific summary document, prepared by the Board secretary, also highlighting the control measures adopted.

Directors are duty-bound to observe the Bank's internal procedures in order to ensure the absolute confidentiality of the documentation that is made available to them for the purpose of their decisions.

Normally, Board Members consult said documentation by accessing a dedicated IT platform, which is managed by the secretariat of the Board of Directors. Directors who intend to access the documentation by other means must be authorised to do so in advance by the Chairman, who may refuse authorisation if he believes that the requested access methods may jeopardise the confidentiality of the documentation.

If, in highly exceptional situations, the Chairman considers it appropriate not to distribute the documentation in advance, or there are other justified reasons for not distributing it, the documentation may be provided directly at the meeting, specifying its nature as additional material. In such cases the Chairman must verify compliance with the principles of completeness and adequacy of the information for all Directors and ensure that all adequate and accurate in-depth analyses are conducted during the meeting. In any event, the Directors have the right to request any clarification, further details or additional information considered necessary or appropriate for correctly assessing the topics.

In any event, the Board documentation is kept – remaining available to Board Members – on the dedicated IT platform, as well as at the secretariat of the Board of Directors.

Conduct of meetings and the decision-making process

The meeting of the Board of Directors is duly constituted where the majority of its members are in attendance.

The Chairman chairs the meetings and coordinates discussions, ensuring adequate space is given to the discussion of each topic on the agenda, including the examination of financial reporting, giving priority to key strategic issues and ensuring that the necessary amount of time is dedicated to them in order to guarantee a constructive debate. The Chairman invites the Directors to provide their own contributions and endeavours in a neutral way to ensure that the Board's resolutions are the result of appropriate discussion, in particular between the Managing Director and the other Directors, and of the informed and reasoned contribution of all its members. In any case, the meeting must ensure the full and exhaustive discussion of each item and special attention to the content of the documents that could not be made available in advance.

P. X

The Chair of each of the Board Committees shall report on the activities carried out by the Committee on the matters under discussion falling within its remit, also providing, where appropriate, the Committee's opinion or proposal about the decision to be made.

Directors actively participate in board discussions, contribute to discussions based on their respective skills and knowledge and analyse the various topics from different viewpoints, contributing to carrying out a reasoned decision-making process and to reaching well-pondered Board resolutions. Without prejudice to the prerogatives of the Managing Director or – where expressly so provided – the Committees, each Director may formulate proposals or motions regarding the items on the agenda to the Board of Directors.

According to the subject matter to be discussed, the Board of Directors may admit to its meetings employees and/or management body members of the Bank or Group, advisors or external experts of the Bank or other internal or external parties, for tasks within their purview and in view of the need for further information, where the presence of these individuals is howsoever deemed helpful to improve the performance of the Board's duties. The Chief Governance Officer and the Head of the Corporate Bodies and Corporate Affairs Head Office Department attend the Board meetings.

The direct participation of management functions in the Board's proceedings allows the Directors to obtain clarification and additional information on items on the agenda and is particularly important in encouraging the appropriate contribution and involvement of Corporate Structures in the decisionmaking process. The Board meetings held during 2021 were regularly attended by Executives of the Bank and the Group companies, as well as by the Heads of the relevant corporate functions competent in the matters dealt with from time to time.

The Board normally resolves by absolute majority vote of those in attendance; in the event of a tie, the Board member chairing the meeting shall have the casting vote. Resolutions concerning the appointment and removal of the Managing Director, the assignment, modification or revocation of his powers and the determination of his remuneration, the replacement of Directors removed by co-option, the proposed revocation of the members of the Management Control Committee, the appointment and removal of the Manager responsible for preparing the Company's financial reports and the disqualification of independent Directors or Directors elected by minorities other than members of the Management Control Committee are passed with the favourable vote of the majority of members in office.

The Chairman, with the assistance of the Secretary, oversees the preparation of the minutes of the meetings – except when they are drawn up by a notary pursuant to the law – ensuring their transcription in the appropriate mandatory corporate registers and their storage, including for consultation purposes, at the secretariat of the Board of Directors, using IT tools.

The minutes describe in a detailed and exhaustive manner the conduct of the debate between the Board Members, in order to acknowledge the opinions expressed, as well as the decision-making process, also taking into account the related reasons.

Each Director has the right to ensure that the minutes include a note of any contrary vote or abstention and the related reasons.

Resolutions passed by the Board on the agenda items are sent by the secretariat to the Corporate Structures involved, to ensure timely reporting or the subsequent implementation of the resolutions within the Bank or the Group.

Frequency of meetings and Director attendance

Pursuant to the Articles of Association, Board of Directors' meetings are held at least once a month. In practice, the Board meets on a regular basis, usually twice a month. This frequency ensures that the number of items included in the agenda is appropriate to ensure their proper discussion and constructive debate.

In 2021 the Board held 25 meetings.

Where the matters to be resolved on must be submitted in advance to the Board Committees, the Chairman ensures that the documentation is made available to them in the manner and timing indicated in the specific Regulations; subsequently, the Chairman ensures that the documentation in support of the Board's activities includes the opinions or any proposals put forward, on the basis of the records of the minutes of each Committee. The documentation made available to the members of a Board Committee for the performance of the related activities shall also be made available to the other

Where the documentation contains price-sensitive elements, the proposing structure shall indicate the assessments performed to guarantee the correct processing of the inside information and full

Proposals to the Board are first presented to the Chairman in order to enable the latter to appropriately assess the issues to be placed on the agenda and the adequacy of the information provided to the

In any event, the Board documentation is kept – remaining available to Board Members – on the

The meeting of the Board of Directors is duly constituted where the majority of its members are in

information considered necessary or appropriate for correctly assessing the topics.

dedicated IT platform, as well as at the secretariat of the Board of Directors.

Conduct of meetings and the decision-making process

not be made available in advance.

compliance with the disclosure obligations established by law.

Board secretary, also highlighting the control measures adopted.

Directors.

R. 12 b)

R. 1 f)

R. 12 a)

Directors.

documentation.

attendance.

P. X

In light of the continuation of the Covid-19 emergency and taking into account the provisions issued from time to time, in 2021 meetings were still organised permitting Board Members to attend them remotely or through videoconference links from the Group Offices in Turin, Milan, Rome, Bologna, Florence and Padua, naturally using personal protective equipment made available on site, to prevent the risk of P. VI

R. 12 c)

P. IX

infection. Similar procedures were put in place for non-Board members, from inside or outside the Group, who attended the Board meeting from time to time.

To simplify the remote management of meetings - while always ensuring that the preparatory documentation was made available to Board members well in advance (usually when convening the meeting) - the following procedure for conducting Board's discussions was used during 2021:

• the Board Members were invited to transmit any questions on the agenda items to the Board Secretariat the questions were forwarded to the competent Structures asking them to prepare the answers to be provided, for the benefit of the entire Board, at the meeting (obviously without prejudice to the right of each Director to interact further during the meeting on the issues under examination, especially the most important ones);

the Board Secretariat then sent an e-mail to the Chairman and the Managing Director and made available on the dedicated IT platform a Q&A file with the questions asked by the Directors and the answers from the competent Structures; the Secretariat also sent in advance by e-mail to each Director the replies provided by the Structures to any questions on the agenda items;

since the documentation was provided to the Directors appropriately in advance of the meeting to enable its examination, the rapporteur did not present it during the meeting, with the exception of particularly complex documents; the rapporteur was only asked to answer questions from the Board Members or provide them with further information, or to respond to specific requests by the Board concerning issues of particular significance;
the Chairs of the Board Committees and the Chairman of the Management Control Committee intervened to give an account, to the extent applicable, of the outcomes of the investigations conducted on the various issues.

The Board of Directors - as also shown by the 2021 self-assessment - considered these operating methods to be satisfactory, in terms of effectiveness and efficiency. Accordingly, it is expected that these procedures will continue to be used in the future as standard practice.

As in the past, the attendance of Directors at meetings was constant and stood at 99.8%. Specifically, the attendance of 18 Directors was 100% and that of 1 Director was 96%. For details on the Directors' attendance, see Summary Table No. 1.

This level of attendance at Board meetings ensured the systematic contribution of all Directors to the management of Group and Bank business, thereby allowing the Bank to make full use of the professional skills on the Board.

For all Directors, the overall commitment also includes the activities associated with the meetings (study of documentation on items on the agenda, meeting preparation, talks and requests for information, etc.) and the activities relating to participation in Board Committees.

The Board meetings lasted an average of 3 hours and 20 minutes, which was considered sufficient time to thoroughly examine and discuss the items on the agenda, also in view of the appropriate meeting and pre-meeting information, and the number of meetings held.

In 2022, as at the date of approval of this Report, the Board has held 3 meetings. The Company's 2022 financial calendar – announced to the market (and made available on the website) in January 2022 in compliance with the Borsa Italiana Regulations – indicates the following dates for meetings:

6 May review of the Interim Statement as at 31 March 2022
29 July review of the Half-yearly Report as at 30 June 2022
4 November review of the Interim Statement as at 30 September 2022.

Corporate Bodies and Corporate Affairs Department

In support of the activity of the Board and the Committees, the Corporate Bodies and Corporate Affairs Head Office Department coordinates the functions of the secretariat, ensures the necessary information and advisory support in relation to the Bodies' functioning and related obligations, and coordinates the definition of the rules and proposals of the main corporate governance documents within the remit of the Secretary of the Board, to be submitted to the approval of the Bodies.

Concurrently, the measures concerning the specialised monitoring of the Group's main corporate governance processes are prepared, ensuring legal advice for the proper functioning of the governance provisions, including those relating to the suitability requirements of management body members, transactions with related parties, as well as the associated interactions with the Supervisory Authorities.

R. 18

Duties and powers

infection. Similar procedures were put in place for non-Board members, from inside or outside the

To simplify the remote management of meetings - while always ensuring that the preparatory documentation was made available to Board members well in advance (usually when convening the

• since the documentation was provided to the Directors appropriately in advance of the meeting to enable its examination, the rapporteur did not present it during the meeting, with the exception of particularly complex documents; the rapporteur was only asked to answer questions from the Board Members or provide them with further information, or to respond to specific requests by the Board

• the Chairs of the Board Committees and the Chairman of the Management Control Committee intervened to give an account, to the extent applicable, of the outcomes of the investigations

This level of attendance at Board meetings ensured the systematic contribution of all Directors to the management of Group and Bank business, thereby allowing the Bank to make full use of the

The Board meetings lasted an average of 3 hours and 20 minutes, which was considered sufficient time to thoroughly examine and discuss the items on the agenda, also in view of the appropriate meeting

compliance with the Borsa Italiana Regulations – indicates the following dates for meetings:

meeting) - the following procedure for conducting Board's discussions was used during 2021:

Director the replies provided by the Structures to any questions on the agenda items;

Group, who attended the Board meeting from time to time.

especially the most important ones);

concerning issues of particular significance;

procedures will continue to be used in the future as standard practice.

and the activities relating to participation in Board Committees.

and pre-meeting information, and the number of meetings held.

6 May – review of the Interim Statement as at 31 March 2022 29 July – review of the Half-yearly Report as at 30 June 2022

Corporate Bodies and Corporate Affairs Department

4 November – review of the Interim Statement as at 30 September 2022.

the Secretary of the Board, to be submitted to the approval of the Bodies.

conducted on the various issues.

attendance, see Summary Table No. 1.

professional skills on the Board.

R. 18

The Management Control Committee, appointed by the Shareholders' Meeting and established within the Board of Directors pursuant to the Articles of Association, performs the duties assigned by applicable legislation to the control body of the parent company of a banking group heading a financial conglomerate and issuing listed shares, as established by the legal and regulatory provisions, as well as the Articles of Association and the Committee Regulations.

The Committee's operations and organisation are governed by said Committee Regulations, in compliance with the provisions of laws, regulations and the Articles of Association and, to the extent applicable, with the provisions of the Corporate Governance Code. The Regulations govern the Committee's operations also in its capacity as Internal Control and Audit Committee in accordance with Article 19(2)(c) of Legislative Decree No. 39/2010, as novated by Legislative Decree No. 135/2016.

In particular, the Management Control Committee:

oversees compliance with the provisions of laws, regulations and the Articles of Association and with the principles of correct management;
oversees the specific manner of implementing the corporate governance rules laid down in the Corporate Governance Code and in the codes of conduct drawn up by companies managing regulated markets or by trade associations which the Bank declares to follow by public disclosure;
oversees the adequacy, efficiency and functionality of the Company's organisational structure and internal control system, as well as of the administrative-accounting system and its suitability to give a proper representation of operations, as well as the statutory audit process;
oversees the adequacy, efficiency and functionality of the internal control system and assesses the adequacy and effectiveness of all the structures involved, as well as their proper coordination, by promoting the adoption, by the Board or the Managing Director, of measures to correct any deficiencies or irregularities detected;
is consulted by the Board on decisions regarding the appointment and removal of:
- o the heads of the compliance, risk management and internal audit departments, to be taken on the proposal of the Risks Committee,
- o the heads of the anti-money laundering and internal validation departments,
- o the person in charge of reporting suspicious transactions,
- o the Manager responsible for preparing the Company's financial reports, as well as the granting of powers and resources to said Manager to support the performance of his/her duties;
proposes to the Shareholders' Meeting the independent auditors to be appointed for the statutory audits of accounts and the fee for their mandate and is consulted on the proposal for the removal of said independent auditors; supervises their work, examines their work plan and shares with them the relevant data and information for the performance of their respective duties;
also in its capacity as Internal Control and Audit Committee and with the support of the compliance and internal auditing departments:
- o oversees the financial reporting process and makes any recommendations or proposals to ensure its integrity,
- o oversees the effectiveness of the internal auditing systems,
- o oversees the independent auditing of the annual accounts and annual consolidated accounts and ensures the independence of the auditing firm, verifying compliance with the applicable regulations and the nature and scope of services other than the statutory audit provided to the Bank and its subsidiaries by the independent auditors and the entities belonging to their network; in this respect, it reviews the assignments given by the Bank to the independent auditors for services other than the statutory audit, subsequent to their submission to the Manager responsible for preparing the Company's financial reports;
- o reviews and assesses the adequacy of the audit services on a voluntary basis before the resolution of the Board of Directors;
- o examines the work plan prepared by the independent auditors,
- o examines the additional report pursuant to Article 11 of EU Regulation 537/2014 on the activity carried out by the independent auditors – which is submitted to the Board accompanied by observations, if any, also taking into account the assessments of the Risks Committee, as well as the letter of recommendations, if any, prepared by the independent auditors;
oversees the completeness, adequacy and functionality of the risk management process; in this context, it oversees, among other things, the Risk Appetite Framework and the compliance with provisions related to ICAAP and ILAAP;

R. 32 f)

R. 35 b)

P. VIII

oversees the adequacy, overall reliability and security of the information system and the business continuity plan;
oversees compliance with the regulations applicable to Intesa Sanpaolo as the Parent Company of a banking group issuing shares listed on regulated markets;
oversees compliance with anti-money laundering regulations and the completeness, functionality and adequacy of anti-money laundering controls;
oversees the implementation of the remediation plans approved by the Board following the inspections conducted by the Supervisory Authorities;
oversees compliance with the provisions of Italian Legislative Decree No. 254 of 30 December 2016 on the Consolidated Non-financial Statement and reports on this matter in its annual report to the Shareholders' Meeting;
reviews, annually, the overall situation of complaints and other requests received, as well as the adequacy of the organisational procedures and solutions adopted.
The Committee has independent powers of initiative and control and its members may at any time, also individually, carry out inspections and controls, also on Group companies, or delegate one of its members to do so. For the purpose of performing its duties, the Committee has unrestricted access to all the Bank's corporate functions. It may also independently appoint external consultants and has adequate financial resources to this end. R. 35 g) R. 36 c)

The Committee or any of its members may also ask the heads of the corporate control functions to report any relevant data and information to the Committee.

The Committee promptly submits to the competent Authorities all the notifications required by the applicable regulations.

Pursuant to Article 153 of the Consolidated Law on Finance, the Committee reports to the Shareholders' Meeting called to approve the financial statements on its supervisory activities and any omissions or objectionable conduct detected.

The Committee promptly notifies the Board and the Managing Director of any gaps and irregularities found, also as a result of checks specifically requested by the Supervisory Authorities, requests that suitable corrective measures be taken and monitors their effectiveness over time. At Board meetings, the Committee Chairman discusses any observations and findings concerning the activities conducted since the last meeting.

In any event, the Committee Chairman shall inform the Board of the supervisory activities, checks and audits conducted and their outcomes at least once every quarter.

The Committee issues the opinions requested by the Control Body pursuant to the regulations in force, in accordance with the provisions of the Articles of Association and its own Regulations. The opinions, signed by the Chairman, are submitted to the Chairman of the Board of Directors and, through the latter, to all Board Members, in time for said opinions to be taken into due account, including for the purposes of making the relevant decisions.

The Committee, in line with its control function, may perform additional duties assigned to it by the Board of Directors or activities requested of it by the Chairman of the Board for the purposes and within the scope of the Committee's powers under the Articles of Association.

The Committee and/or its individual members, within the limits and in the manner permitted by Article 151-ter of the Consolidated Law on Finance, are vested with the following powers: i) to request news and information from the other Directors or from the management and control bodies of the subsidiaries, being understood that this information is provided to all Committee members; ii) to ask the Chairman to convene the Committee, indicating the agenda items to be discussed; iii) to convene the Board of Directors, after notifying the Chairman.

The Committee may, after notifying the Chairman of the Board of Directors, convene the Shareholders' Meeting whenever it deems it necessary for the performance of its duties or if, during its activities, it detects objectionable facts of significant severity and requiring urgent measures.

Composition and appointment

The Management Control Committee is composed of 5 Board Members, all independent pursuant to the Articles of Association. Two members must belong to the less-represented gender.

P. VIII R. 8

R. 35 h)

Pursuant to the applicable Regulations and in line with the amendments to the Articles of Association made by the Shareholders' Meeting of 28 April 2021, the members of the Committee may not be members of other Board Committees other than the Risks Committee and the Committee for Transactions with Related Parties.

In compliance with the guidelines of the Supervisory Provisions on the corporate governance of banks that adopt the one-tier governance model, and as permitted by Article 2409-octiesdecies of the Italian Civil Code, Intesa Sanpaolo's Articles of Association give the power to elect Committee members to the Ordinary Shareholders' Meeting.

The Committee in office at the time of approval of this Report is composed of the following Directors: Alberto Maria Pisani, Roberto Franchini, Fabrizio Mosca, Milena Teresa Motta and Maria Cristina Zoppo. All the members were elected by the Shareholders' Meeting of 30 April 2019, which appointed Alberto Maria Pisani as Chairman, with the exception of Roberto Franchini, appointed by the Shareholders' Meeting of 27 April 2020 to replace Corrado Gatti, who resigned from office.

With regard to the election of the Committee members and its Chairman, see the preceding paragraph on the appointment of the Board Directors, which refers to the provisions of the Articles of Association under which the Committee is elected on the basis of slates of candidates submitted by the Shareholders.

The Chairman of the Committee convenes and chairs the meetings, directs, coordinates and moderates the discussion and, on behalf of the Committee, describes the results of the activities carried out.

The Chairman ensures the effectiveness of the discussions within the Committee and endeavours to ensure that the resolutions are the result of in-depth debate and of the informed and reasoned contribution of all its members. To this end, the Chairman ensures that all members of the Committee are sent – well in advance of the meeting – documentation in support of the Committee's activities or at least an overview of the items to be discussed; the Chairman ensures that the amount and quality of said documentation is suitable with respect to the items on the agenda.

In the event of the Chairman's absence or temporary impediment, his/her duties are carried out by the Committee member in the highest-ranking position of the second section of the slate from which the Chairman was elected. Should this not be possible, the Chairman's duties are undertaken by the longest-serving Committee member or, in the case of equal seniority of service, by the oldest Committee member.

Term of office, replacement and removal

The members of the Management Control Committee remain in office for the entire term of office of the Board of Directors in which they were elected; the mandate of the members currently in office – including the member appointed in April 2020 – thus covers the 2019/2020/2021 financial years, and expires at the next Shareholders' Meeting called to approve the financial statements for the last year of their office. They may be re-elected.

With regard to the replacement and removal of the Committee members, see the paragraph on the replacement and removal of Board Members.

Suitability requirements

oversees the adequacy, overall reliability and security of the information system and the business
oversees compliance with the regulations applicable to Intesa Sanpaolo as the Parent Company of
oversees compliance with anti-money laundering regulations and the completeness, functionality
oversees the implementation of the remediation plans approved by the Board following the
oversees compliance with the provisions of Italian Legislative Decree No. 254 of 30 December 2016 on the Consolidated Non-financial Statement and reports on this matter in its annual report to the
reviews, annually, the overall situation of complaints and other requests received, as well as the

The Committee has independent powers of initiative and control and its members may at any time, also individually, carry out inspections and controls, also on Group companies, or delegate one of its members to do so. For the purpose of performing its duties, the Committee has unrestricted access to all the Bank's corporate functions. It may also independently appoint external consultants and has

The Committee or any of its members may also ask the heads of the corporate control functions to

The Committee promptly submits to the competent Authorities all the notifications required by the

In any event, the Committee Chairman shall inform the Board of the supervisory activities, checks and

The Management Control Committee is composed of 5 Board Members, all independent pursuant to

a banking group issuing shares listed on regulated markets;

adequacy of the organisational procedures and solutions adopted.

and adequacy of anti-money laundering controls;

inspections conducted by the Supervisory Authorities;

report any relevant data and information to the Committee.

audits conducted and their outcomes at least once every quarter.

scope of the Committee's powers under the Articles of Association.

detects objectionable facts of significant severity and requiring urgent measures.

the Articles of Association. Two members must belong to the less-represented gender.

continuity plan;

Shareholders' Meeting;

applicable regulations.

R. 35 g) R. 36 c)

R. 35 h)

P. VIII R. 8

since the last meeting.

objectionable conduct detected.

of making the relevant decisions.

Directors, after notifying the Chairman.

Composition and appointment

adequate financial resources to this end.

The members of the Management Control Committee must all be independent and meet the requirements applicable to Board Members (see the relevant paragraph on the Board), as well as the additional requirements of professionalism laid down in the regulations and the Articles of Association, under penalty of disqualification from office.

Committee members must also comply with the limitation of directorships provided by the law and by the current regulations for appointment as members of the control bodies of a bank issuing shares listed on regulated markets. Furthermore, they must comply with the additional limitations set out in the Articles of Association, which prohibit Committee members from taking up:

executive offices in other undertakings;
more than two non-executive offices in corporate bodies (including as members of control bodies) of other large companies.

To this end, the candidates for the position of Committee member must expressly pledge to immediately step down from any incompatible offices if they are appointed.

Moreover, in compliance with supervisory regulations, the members of the Management Control Committee cannot take up offices in bodies other than control bodies of other Group companies, Art. 123-

bis (1), (l), CLF

Art. 123 bis (2), (d), CLF

P. VIII R. 9

P. XII R. 15

companies belonging to the financial conglomerate and companies in which the Bank holds a strategic interest. As members of the control body of a company with listed shares, Committee members are also subject to the rules on the limitation of directorships laid down in Article 148-bis of the Consolidated Law on Finance and the related implementing regulations: these rules set out the limits and parameters to be applied to determine the limit on the number of offices held, as well as the manner and deadline of the disclosure to Consob and the public.

For each Committee member, the loss of the requirements of independence or professionalism, or the failure to comply with the limitation of directorships pursuant to the Articles of Association, will result in the Board Member's disqualification from office.

Therefore, if an Independent Director who is a member of the Committee no longer meets the independence requirement, he/she will also be disqualified from being a Committee member and a Director. The same applies if he/she ceases to be a statutory auditor, even if another three members of the Committee who are statutory auditors remain in office.

In accordance with the requirements of the Supervisory Provisions and the internal regulations, following the renewal of the Bodies in 2019 and the subsequent appointment of a new member in April 2020, the Committee, based on the statements made by the parties concerned and on the information available to the Bank, confirmed that each of its members met the necessary requirements, including that of independence, giving notice thereof to the Board. The members declared they met the professionalism and integrity requirements and the criteria of competence, reputation, fairness, independence and time commitment, complied with the specific limitation of directorships and were unaffected by the incompatibilities referred to in the applicable legislation and the Articles of Association. This assessment was successfully repeated at the time of approving this Report.

Functioning of the Committee

The Committee normally meets on a weekly basis; the meeting is convened by a notice of call containing the agenda, typically sent by the Committee's secretariat three days before the date set for the meeting. The secretariat ensures compliance with the planned manner and timing and with the procedures to ensure compliance with any instructions issued by Authorities.

The meeting notice is usually accompanied by the documentation necessary for the performance of the Committee's duties. In any case, the meeting ensures the full and exhaustive discussion of each item and special attention is given to the content of the documents that could not be made available in advance.

In 2021, due to the COVID-19 emergency and in line with the previous year, the members of the Committee attended the meetings remotely.

The Committee may ask the structures of the Bank for access to any information considered necessary to perform its duties and may appoint external consultants. Upon invitation of the Committee, non-Committee members may attend the meetings in relation to specific items on the agenda.

In the performance of its duties, the Committee relies on the corporate control functions and, in particular, on the internal audit department, which also reports functionally to the Committee, which monitors the department's independence, adequacy, effectiveness and efficiency.

The Committee receives from the heads of the corporate control functions reports on specific situations, breaches or significant shortcomings – periodically or at the Committee's express request – and examines their activity plans.

The Committee coordinates with the Risks Committee for the matters under its competence. Certain information flows are discussed in joint meetings, while each Committee makes its assessments independently. Since none of the members of the Management Control Committee currently sits in the Risks Committee, one of the Management Control Committee members, appointed in rotation, attends the meetings of the Risks Committee without voting rights, and then reports back to his/her own Committee.

The Committee also coordinates with the Surveillance Body, the Manager responsible for preparing the Company's financial reports and the independent auditors. It holds regular meetings with the independent auditors for the control activities related to the formulation of their opinion on the financial statements, and monitors their independence.

The Committee also meets with the Boards of Statutory Auditors of the Group's main subsidiaries, working closely and exchanging information with them on said subsidiaries' corporate governance

R. 35 e) g)

systems and the general performance of their business.

In 2021, due to the COVID-19 emergency and in line with the previous year, the members of the

The Committee may ask the structures of the Bank for access to any information considered necessary to perform its duties and may appoint external consultants. Upon invitation of the Committee, non-

In the performance of its duties, the Committee relies on the corporate control functions and, in particular, on the internal audit department, which also reports functionally to the Committee, which

The Committee also meets with the Boards of Statutory Auditors of the Group's main subsidiaries, working closely and exchanging information with them on said subsidiaries' corporate governance

Committee members may attend the meetings in relation to specific items on the agenda.

monitors the department's independence, adequacy, effectiveness and efficiency.

incompatibilities referred to in the applicable legislation and the Articles of Association. This assessment was successfully repeated at the time of approving this Report.

procedures to ensure compliance with any instructions issued by Authorities.

the disclosure to Consob and the public.

Functioning of the Committee

examines their activity plans.

Committee attended the meetings remotely.

statements, and monitors their independence.

advance.

R. 9 R. 10

R. 35 e) g)

R. 37 paragraph 2

Committee.

the Board Member's disqualification from office.

the Committee who are statutory auditors remain in office.

In 2021 the Committee met 46 times in total, with the following attendance percentage for each member:

Members	Independent pursuant to the applicable regulations and the Articles of Association	Attendance percentage at meetings
Alberto Maria Pisani – Chair	X	98%
Roberto Franchini	X	100%
Fabrizio Mosca	X	100%
Milena Teresa Motta	X	100%
Maria Cristina Zoppo	X	100%

The meetings lasted on average about 5 hours, considered an adequate amount of time to ensure thorough examination and discussion of the items on the agenda, also in light of the appropriate prior disclosures and of the number of meetings held.

In 2022, at the date of approval of this Report, the Committee has held 9 meetings.

The main topics examined by the Committee in 2021, in compliance with its powers and its Regulations included:

the proposals to amend the internal rules or adopt new ones, particularly with regard to anti-money laundering and Group compliance, management of conflicts of interest, transactions with Related Parties and Associated Entities of the Group, disclaimers of unauthorised payment transactions, preparation and allocation of Segment Reporting;
the disclosures provided by the competent corporate functions on the evolution of the measures that the Bank continued to take in response to the Covid-19 emergency, also in order to continuously ensure the effectiveness of the control measures. The Committee assessed in particular detail the reasons for the increase in cyber-fraud incidents harming its customers and the consequent complaints;
the results of the inspections carried out by the Supervisory Authorities on the matters under their remit, with the related corrective plans to act on the recommendations made by the Authorities. In this context, the Committee - in response to the proceedings initiated by the Italian Antitrust Authority (AGCM) against Intesa Sanpaolo RBM Salute and Previmedical for alleged unfair business practices in the offer of insurance services - met on several occasions with the competent corporate functions to examine the developments of the proceedings in question and the progress of the remedial actions identified to resolve the key points highlighted first by the AGCM and subsequently by IVASS;
the progress of activities related to the self-assessment requested by the ECB as part of the SREP Letter 2020 - conducted on the adequacy of controls in the process of preparing the separate and consolidated financial statements and the Segment Reporting.
the continuation of the process aimed at strengthening anti-money laundering safeguards at international level. In particular, the Committee was informed of the finalisation by the US Authorities of the closure of the Written Agreement signed by the Bank in 2007, as well as the completion of all the duties provided for by the 2016 Consent Order;
the progress (i) of the process for strengthening the Group's IT platforms, also through the integration of the international branches and legal entities into the Group's IT security model and (ii) of the Data Transformation Programme, aimed at revising the Data Governance and Data Quality model.

As part of its assessment of the risk management process, the Committee examined:

the issues relating to the preparation of the 2021 Risk Appetite Framework, with a focus on complex risk;
the annual reports of the Internal Validation and Internal Audit functions on the internal risk measurement systems in terms of credit, market and operational risks for the determination of capital requirements, as well as the action plan of the Risk Management function on the key points formulated by said Control Functions;
the methodological aspects and scenarios relating to the ICAAP ILAAP exercise for 2021 as well as the "Capital Adequacy Statement", the "Liquidity Adequacy Statement" and the analyses carried out by the Internal Validation and Internal Audit functions on that exercise;
the reports of the competent corporate functions on the adequacy, reliability and security of the information system and of the business continuity plan.

R. 37 paragraph 2

R. 21 R. 22

Lastly, the Committee was invited on 13 occasions to attend the meetings of the Risks Committee both during meetings with the Manager responsible for preparing the Company's financial reports and the independent auditors, in relation to the preparation of the financial statements and the interim reports, and on other occasions for the review of issues of mutual interest.

On a quarterly basis, the Committee illustrated to the Board of Directors the supervisory, due diligence and examination activities carried out and their results; it also periodically met with the Managing Director to further investigate specific topics of interest and examine the key points highlighted in its reports. R. 35 h)

Self-assessment of the Committee

Each year, the Management Control Committee performs a separate self-assessment on its own composition and functioning, in line with its mandate to control the correct and effective performance of corporate governance bodies. In doing so, it applies criteria and methods consistent with the characteristics of its function within the one-tier governance model. P. XIV

The self-assessment process, which was performed in accordance with the provisions of the Regulations on the Board of Directors' self-assessment process, covers the Committee as a whole and the contribution of its individual Members to its work.

The Committee Members are also specifically required to assess individually – separately from the Board's self-assessment process as a whole – the qualitative and quantitative composition, functioning and effective performance of the Committee's duties.

Given the need for consistency and overall coherence of the results, the process is typically entrusted to the same individuals designated by the Board, who in this case, however, report directly to the Chairman of the Management Control Committee, who remains responsible for the process as a whole. The self-assessment for the year 2021 was performed with the professional assistance of Crisci & Partners, an expert independent consulting firm which at the same time also supported the Board of Directors in its self-assessment process.

The qualitative and quantitative results confirmed the adequacy of the Committee and the high level of overall compliance with the provisions of the Corporate Governance Code, the EBA guidelines, the provisions of Bank of Italy Circular No. 285/2013 and the best practices of other listed companies, in so far as comparable with the Bank.

The Committee therefore assessed the Committee's own size, composition and functioning as being satisfactory.

R. 22

Board Committees: composition and operation

The self-assessment process, which was performed in accordance with the provisions of the Regulations on the Board of Directors' self-assessment process, covers the Committee as a whole and

The Committee therefore assessed the Committee's own size, composition and functioning as being

and on other occasions for the review of issues of mutual interest.

characteristics of its function within the one-tier governance model.

the contribution of its individual Members to its work.

and effective performance of the Committee's duties.

Directors in its self-assessment process.

far as comparable with the Bank.

satisfactory.

reports.

R. 37 paragraph 2

R. 35 h)

P. XIV R. 21 R. 22

R. 22

Self-assessment of the Committee

The Committees are the organisational bodies through which the Board of Directors increases the effectiveness of its strategic supervision role. Without prejudice to the Board's corporate powers and responsibilities, the Committees have the proposal, advisory and inquiry duties (including the issue of opinions, where provided for by applicable rules) assigned to them by applicable regulations and, to the extent applicable, the Corporate Governance Code and the Articles of Association. They also perform those duties that, in accordance with each Committee's function, are specifically assigned to them by the Regulations in force – approved by the Board – which also govern their organisation and operation.

Pursuant to the Articles of Association, the Committees are composed of a minimum of three and a maximum of five non-executive Board Members, who are mainly independent Board Members. No Board Member may take up the office of Chair of more than one Committee or sit on more than two Committees. The following Committees are currently established within the Board of Directors:

− Nomination Committee: 5 members, including the Deputy Chairperson and the Chairman of the Board of Directors, 3 of whom are independent pursuant to the applicable regulations and the Articles of Association and 2 members enrolled with the Register of Statutory Auditors and who have practised as auditors for at least three years;
− Remuneration Committee: 5 members, including the Deputy Chairperson of the Board of Directors, 3 of whom are independent pursuant to the applicable regulations and the Articles of Association and 1 member enrolled with the Register of Statutory Auditors and who has practised as an auditor for at least three years;
− Risks Committee: 5 members, 3 of whom are independent pursuant to the applicable regulations and the Articles of Association and 2 of whom are also enrolled with the Register of Statutory Auditors and have practised as auditors for at least three years.

The Committee for Transactions with Related Parties is also in place; it is composed of 5 members, all independent pursuant to the applicable regulations and the Articles of Association; one member is also enrolled with the Register of Statutory Auditors and has practised as an auditor for at least three years.

All the Committees have been established, as also required by the Supervisory provisions on banks

In establishing the Committees, the Board took into consideration the professional characteristics and experience of the Board Members, so that each Committee is composed of members whose skills and professionalism are consistent with the duties assigned to them and who are able to ensure the performance of their tasks with adequate time commitment.

The activities of each Committee are coordinated and directed by a Chair designated by the Board. The Board Member appointed as Chair of a Committee must be independent and may not hold the office of Chair of another Board Committee.

The Chair calls the Committee meetings and reports on the Committee's activities, proposals and opinions during Board meetings. In the event of absence or impediment of the Chair, the longest-serving independent member or, in the case of equal terms of service, the eldest member takes on the functions.

Meetings are generally held at the Turin registered office and at the Milan secondary registered office. Meetings may also be validly held through telecommunication methods. In that case, they are considered to have been held at the Chair's location.

The Regulations of each Committee require that the minutes of each meeting be prepared by an appointed secretary, who may also be a non-Board Member, in which case the secretary should be selected from the secretariat supporting the Bodies.

Each Committee may contact the corporate functions to access the information required to perform its tasks. Committees can also make use of external consultants, as indicated in each set of Regulations.

Individuals who are not part of a Committee may attend Committee meetings provided they are invited by the Chair of the Committee concerned, and only in relation to specific items on the agenda.

The Chief Governance Officer and the Secretary of the Board of Directors are invited to and may attend the Committees' meetings, including by delegating a staff member.

R. 26

paragraph 3

R. 11

R. 17

R. 11

R. 17 paragraph 1

R. 35

paragraphs 1 and 2

Also considering the time dedicated to each task, the Committees' work is always performed in a constructive environment based on exchange and dialogue among the respective members, encouraging personal contributions, open discussion and dialectic not only among Board Members but also with the heads of the control functions, Divisions, Governance Areas and of the various Structures involved in the meetings within the scope of their responsibility.

Detailed information is provided below on each of the Committees that the Board established on 7 May 2019 for the financial years 2019/2020/2021, including their composition, duties and activities in 2021 (in addition to details on meetings and members' attendance). It should also be noted that following the Covid-19 emergency and in light of the legal provisions in force from time to time, the meetings of the Committees took place mainly via remote connection, with different arrangements depending on the Committee.

Nomination Committee

Members	Enrolment with the Register of Statutory Auditors Practice as an auditor	Independent pursuant to the applicable regulations and the Articles of Association	Attendance percentage at meetings
Livia Pomodoro – Chair		X	100%
Paolo Andrea Colombo	X	X	100%
Gian Maria Gros-Pietro			100%
Maria Mazzarella		X	100%
Bruno Picca	X		100%

In 2021, the Committee held 10 meetings. The average duration of meetings was approximately 30 minutes.

The Committee performs inquiry and advisory duties supporting the Board in the following areas:

defining the policies on the suitability requirements for the members of the Parent Company's Bodies and the related guidance and coordination criteria for the Group companies;
the process of appointing or co-opting the Board Members to ensure that the Board's composition, in terms of size and professionalism, enables it to fulfil its duties efficiently. In this regard, the Committee supports the Board in the early identification of the optimal number and profile of Board members, including the candidates' qualifications (identifying and justifying the professional characteristics and the suitability deemed adequate for these purposes) to be presented to the Shareholders' Meeting in time for the appointment of the Directors. To this end, the Committee also formulates guidelines aimed at ensuring adequate continuity of experience and knowledge, and overall balance in the composition and operation of the Board and its Committees, so as to prevent the risks associated with simultaneous replacements of an excessive number of members;
verifying, as part of the assessment of members' suitability pursuant to Article 26 of the Consolidated Law on Banking, the match between the composition considered optimal and the one actually resulting from the appointments by the Shareholders' Meeting, including in the light of the choices made by the shareholders when presenting the slates;
verifying, also pursuant to Article 26 of the Consolidated Law on Banking, the fulfilment of the requirements laid down by the applicable regulations and the Articles of Association for Board Members – other than the members of the Management Control Committee – and verifying compliance with the limitation of directorships laid down by the applicable regulations and the Articles of Association, as well as the prohibition on interlocking directorates under Article 36 of Law Decree no. 201/2011, converted into Law no. 214/2011. Specifically, the Committee supports the Board in assessing compliance with the independence requirement as provided for in the Articles of Association, including a review of all credit, professional and commercial relationships between the Bank and Directors considered independent;
defining the body's self-assessment process and actually fulfilling it, on an annual basis;
- defining and approving the induction plans targeted at the Directors;

R. 19 b) c)

R. 19 a)

adopting the criteria for appointing the members of the Corporate Bodies of the subsidiaries as well as evaluating the proposals for appointing the members of the Corporate Bodies of the main subsidiaries, in order to verify consistency with the aforementioned criteria.

Moreover, pursuant to the Articles of Association, the Committee is specifically heard by the Board regarding the identification of the Managing Director. In coordination with the Chairman of the Board of Directors, the Committee also supports the Board in defining the process governing succession plans for its members, including the Managing Director, in line with the supervisory regulations. This is done to ensure orderly succession in the respective positions in the event of termination or expiry of the mandate or for any cause, so as to ensure business continuity and avoid economic and reputational repercussions.

Lastly, the Committee supports the Risks Committee in preparing proposals for appointing and removing the heads of the Compliance, Risk Management and Internal Auditing Departments.

In the meetings held in 2021, the Committee assisted the Board, among others, in the following activities:

the annual and ad-hoc verification of the individual suitability of each Board Member and the assessment of the Board's collective suitability;
the appointment of members of the Bodies of subsidiaries;
the self-assessment of the Board and the Board Committees.

During 2021, the Committee also took note of the Corporate Governance Committee's recommendations and the updated Guide on "fit and proper assessment" issued by the ECB.

Remuneration Committee

Register of Statutory

Practice as an auditor

Livia Pomodoro – Chair X 100% Paolo Andrea Colombo X X 100% Gian Maria Gros-Pietro 100% Maria Mazzarella X 100% Bruno Picca X 100%

In 2021, the Committee held 10 meetings. The average duration of meetings was approximately 30 minutes.

and the related guidance and coordination criteria for the Group companies;

The Committee performs inquiry and advisory duties supporting the Board in the following areas: - defining the policies on the suitability requirements for the members of the Parent Company's Bodies

the risks associated with simultaneous replacements of an excessive number of members; - verifying, as part of the assessment of members' suitability pursuant to Article 26 of the Consolidated Law on Banking, the match between the composition considered optimal and the one actually resulting from the appointments by the Shareholders' Meeting, including in the light of the choices

defining the body's self-assessment process and actually fulfilling it, on an annual basis;
defining and approving the induction plans targeted at the Directors;
verifying, also pursuant to Article 26 of the Consolidated Law on Banking, the fulfilment of the requirements laid down by the applicable regulations and the Articles of Association for Board Members – other than the members of the Management Control Committee – and verifying compliance with the limitation of directorships laid down by the applicable regulations and the Articles of Association, as well as the prohibition on interlocking directorates under Article 36 of Law Decree no. 201/2011, converted into Law no. 214/2011. Specifically, the Committee supports the Board in assessing compliance with the independence requirement as provided for in the Articles of Association, including a review of all credit, professional and commercial relationships between the
the process of appointing or co-opting the Board Members to ensure that the Board's composition, in terms of size and professionalism, enables it to fulfil its duties efficiently. In this regard, the Committee supports the Board in the early identification of the optimal number and profile of Board members, including the candidates' qualifications (identifying and justifying the professional characteristics and the suitability deemed adequate for these purposes) to be presented to the Shareholders' Meeting in time for the appointment of the Directors. To this end, the Committee also formulates guidelines aimed at ensuring adequate continuity of experience and knowledge, and overall balance in the composition and operation of the Board and its Committees, so as to prevent

Auditors

Independent pursuant to the applicable regulations and the Articles of Association

Attendance percentage at meetings

involved in the meetings within the scope of their responsibility.

Members Enrolment with the

made by the shareholders when presenting the slates;

Bank and Directors considered independent;

Committee.

Article 123-bis 2, (d) CLF

R. 19 b) c)

R. 19 a)

Nomination Committee

Members	Enrolment with the Register of Statutory Auditors Practice as an auditor	Independent pursuant to the applicable regulations and the Articles of Association	Attendance percentage at meetings
Paolo Andrea Colombo – Chair	X	X	100%
Franco Ceruti			100%
Anna Gatti		X	100%
Luciano Nebbia			100%
Andrea Sironi(*)		X	95%

In 2021, the Committee held 20 meetings. The average duration of meetings was approximately one hour and 20 minutes. (*) On 1 March 2022, Maria Alessandra Stefanelli was appointed member of the Committee, replacing Director Andrea Sironi, who resigned from office.

The Remuneration Committee ensures adequate knowledge and expertise in financial matters and remuneration policies. Pursuant to its Regulations, the Committee inquires, proposes and advises on remuneration and incentive matters, thereby supporting the Board of Directors.

The Committee supports the Board in preparing proposals for approval by the Shareholders' Meeting. Specifically, it provides support in drafting the remuneration policies for Board Members; remuneration and incentive policies for employees and other staff not bound by an employment agreement, including the rules for identifying key personnel; remuneration and incentive plans based on financial instruments; and criteria for calculating severance payments in the event of early termination of employment contract or office. It also supports the Board in the drafting of any proposal relating to the resolution on the determination of a ratio between the variable and fixed components of individual remuneration paid to employees above the 1:1 ratio, but not exceeding the cap provided for by applicable regulations, as well as in the approval of the Report on Remuneration.

The Committee advises and supports the Board in approving the implementing provisions governing the main application criteria and operating mechanisms for the structure of the remuneration and incentive systems and in identifying the Risk Takers (including any exclusions).

R. 19 e) R. 24

The Committee, on the basis of the remuneration policies approved by the Shareholders' Meeting, submits to the Board proposals on additional remuneration, including the variable component, attached to the office of Managing Director and General Manager, the remuneration payable to other Board Members that have been assigned additional specific offices in accordance with the Articles of Association, the remuneration and incentive systems and the remuneration of the Group's Top Risk Takers, including the heads of the corporate control functions1and similar roles for the purpose of the Remuneration Discipline, as well as the remuneration for the members of the Surveillance Body. On the other hand, the remuneration of the Committee's members is decided exclusively by the Board. R. 25 b) R. 26

R. 25 c) d)

With reference to the rules on remuneration, the Committee:

supports the Board of Directors in verifying the correct implementation of the remuneration policies approved by the Shareholders' Meeting and reviews them at least annually, focusing specifically on the adequacy, overall consistency and actual implementation of the remuneration policies for directors and key management personnel, the gender neutrality of the Remuneration and Incentive Policies and the pay gap and its evolution over time;
checks and monitors the implementation of the decisions adopted by the Board;
monitors the correct implementation of the remuneration rules for the heads of corporate control functions, in close coordination with the Management Control Committee and the Risks Committee within the scope of their respective responsibility.

The Committee also performs the duties of Committee for Transactions with Related Parties in accordance with the provisions of the RPT Procedures, with regard to transactions with the Bank's related parties and associated entities concerning remuneration. In performing this duty, where required by the RPT Procedures, it also issues a reasoned opinion on the Bank's interest in the payment of the remunerations in question, as well as their convenience and substantive correctness.

During 2021, the Committee assisted the Board in approving proposals concerning:

the updating of the Board Regulation, to align its contents with the Guidelines on Remuneration, Incentives and Identification of Risk Takers of the Intesa Sanpaolo Group and implementing the amendment to Article 123-ter of the Consolidated Law on Finance and the provisions of the Corporate Governance Code;
the definition of the payment methods for the bonus portions to be assigned in financial instruments relating to UBI Banca 2015-2020 Incentive Systems.
the Group's Remuneration Policies for 2021 submitted to the Shareholders' Meeting for approval;
the KPIs to be implemented for the 2021 Incentive System for the Group's Top Risk Takers and the Heads of the Corporate Control Functions pursuant to the Remuneration Discipline and similar roles, also taking into account the proposal of the Risks Committee and the Management Control Committee within the scope of their responsibility;
allocation of compensation and bonuses due to the Top Risk Takers linked to the 2020 Incentive System and of compensation due to the Senior Heads of the Corporate Control Functions and similar roles;
the increase in the incidence of non-recurring remuneration on recurring remuneration in the recruitment offer for new Financial Advisors of the Intesa Sanpaolo Group submitted to the Shareholders' Meeting for approval;
the updating of the 2018-2021 "Performance-based Option Plan" (POP) Long-Term Incentive Plan.

Finally, the Committee supported the Board in the annual verification of the gender neutrality of the Group's Remuneration Policies and in examining the report of the Chief Audit Officer on the 2020 Remuneration and Incentive System in the part concerning the audit of operating practices.

¹ The Manager responsible for preparing the Group's financial reports and the Head of the Safety and Protection Head Office Department in their capacity as Group Data Protection Officer

For additional information on remuneration, see the Report on Remuneration.

Risks Committee

Members	Enrolment with the Register of Statutory Auditors Practice as an auditor	Independent pursuant to the applicable regulations and the Articles of Association	Attendance percentage at meetings
Rossella Locatelli – Chair		X	100%
Franco Ceruti			100%
Guglielmo Weber		X	100%
Bruno Picca	X		100%
Daniele Zamboni	X	X	98%

In 2021, the Committee held 52 meetings. The average duration of meetings was approximately five hours and 40 minutes.

The Risks Committee proposes, advises and inquires on the relevant matters, submitting opinions where required by the applicable laws. It focuses in particular on activities instrumental to the Board's accurate and effective determination of the Risk Appetite Framework (RAF) and risk governance policies, as well as other risk-related determinations reserved to it by the applicable law.

In particular, the Risks Committee supports the Board for the purposes of improving risk management and the effective implementation of the RAF in the performance of strategic supervision functions in the following areas:

business model, strategic guidelines and risk appetite, in order to highlight to the Board the risks to which this model exposes the Bank and help the Board understand the risk identification and assessment methods used;
the Bank's and the Group's corporate governance and organisational structure, to verify their consistency with the activity carried out and the business model adopted;
the administrative-accounting and financial reporting systems and the independent audit process for the approval of the accounting and reporting systems and assessment of the correct implementation of the accounting standards and their consistency with reference to the preparation of the Parent Company and consolidated financial statements. Furthermore, the Committee supports the Board in examining the additional report pursuant to Article 11 of EU Regulation 537/2014 illustrating the results of the activity carried out by the independent auditors, and in examining the letter of recommendations, if any, submitted by the same auditors;
internal controls system, for defining and approving the guidelines for controls as well as verifying their effectiveness in capturing the evolution of business risks and their interactions. In this context, it submits to the Board proposals for the appointment and removal of the heads of the Compliance, Risk Management and Internal Auditing Departments and issues its opinion on the definition of the incentive systems for the heads of the Risk Management and Internal Validation Departments. It also supports the Board in examining proposals on the appointment and removal of the head of the Anti-Money Laundering Department, the head of Internal Validation and the head of the Business Continuity Plan and on the appointment of the Data Protection Officer;
risk governance and management, performing support functions, also with specific regard to all sustainability issues (ESG) and in approving the list of ESG-sensitive sectors, which fall under the corporate responsibility model. In this context, it provides support in defining and approving the Group's risk governance policies, including those related to liquidity risk, so as to implement an integrated and coherent risk management policy; it performs the necessary evaluation and proposalmaking activities to enable the Board to define and approve - taking into account the Managing Director's proposals - the risk objectives ("Risk Appetite") and, where deemed appropriate, the tolerance threshold ("Risk Tolerance"); The Committee supports the Board in reviewing situations where specific limits under the RAF are exceeded and in monitoring the actions identified to bring the risk taken back within the predetermined risk appetite;
it reviews the draft Consolidated Non-financial Statement, examining specifically the content of the "materiality matrix" (which identifies the potentially most significant sustainability issues), in cooperation with the Management Control Committee, as to the aspects within the latter's responsibility, in view of the Board's approval;

R. 32 c) R. 35

R. 35 d)

R. 35 a) b)

R. 35 e) f)

R. 35 d)

R. 35 c)

information systems, for the approval of the information system development strategies and the IT security policy;
business continuity, for the purposes of defining and approving the relevant objectives and strategies, approving the business continuity plan proposed by the Managing Director and assessing the residual risks not covered by the plan, which must be expressly accepted by the Board.

Lastly, the Committee supports the Board in the duties of monitoring the Most Significant Transactions, in accordance with the applicable internal regulations, subject to the prior examination of the Risk Management function.

The Committee also acts as "US Risks Committee" in accordance with the provisions of Section 165 of the Dodd-Frank Act and the tighter supervisory standards for foreign banks operating in the United States issued by the Federal Reserve.

In this capacity, to support the supervision of the transactions carried out by Group units located in the United States, the Committee assists the Board of Directors in assessing – and periodically reviewing – the adequacy of the Group's risk governance policies with respect to all those transactions. The Committee ensures that said policies are actually implemented and that the information it receives is sufficient for the performance of its duties.

The Risks Committee members have the appropriate expertise, skills and experience to fully understand and monitor the Bank's risk strategies and guidelines. One member of the Management Control Committee, appointed on a rotating basis by the Committee itself, takes part in the Committee meetings, without voting rights, to ensure coordination in the performance of their respective duties and functions. The presence of a common member between the Risks Committee and the Remuneration Committee ensures adequate interaction with the issues relating to remuneration and incentive policies.

The Risks Committee reports at each Board meeting on the Committee's activity and main findings, through specific reports and via a summary. R. 35 h)

In this regard, in 2021 the Committee carried out the following activities, among other things:

it reviewed the 2021 Budget proposal, with quarterly analysis of the deviations, in combination with the strategies for protecting the net interest income on demand deposits and the Funding plan, and reviewed the cost allocation criteria;
it participated in defining the Risk Appetite Framework (including the Credit Risk Appetite), to improve the effectiveness of the controls, also in terms of governance, and in the quarterly monitoring of the consistency with risk appetite as defined by the Bodies;
it submitted to the Board of Directors its assessment of the consistency with the RAF of the proposed KPIs assigned to the Group's Top Risk Takers not belonging to the Corporate Control Functions within the scope of the annual incentive system;
it monitored continuously the risk management arrangements against the Covid-19 emergency;
it assessed the adequacy of the current and future capital and liquidity position (ICAAP/ILAAP);
it reviewed the Group Recovery Plan;
it monitored the 2018-2021 Business Plan and the related assessment of the Corporate Control Functions
it monitored the 2018-2021 Group NPL Plan;
it monitored the evolution of the Technological Model and the progress of the Data Transformation programme, as part of the ongoing digitalisation of the Group;
it carried out the prior assessment of the opinions issued by the Risk Management function on certain types of most significant transactions, among which the MSTs relevant to reputational and ESG-Climate Change risks have gradually become more important.

As part of the definition of the new 2022-2025 Business Plan, the Committee examined in particular the Commitment to Net Zero, with Intesa Sanpaolo's joining of the NetZero Banking Alliance, and the initial definition of capital levels consistent with the Group's expected development, incorporated within a governance process dedicated to their maintenance.

Committee for Transactions with Related Parties

information systems, for the approval of the information system development strategies and the IT
business continuity, for the purposes of defining and approving the relevant objectives and strategies, approving the business continuity plan proposed by the Managing Director and assessing the

The Committee also acts as "US Risks Committee" in accordance with the provisions of Section 165 of the Dodd-Frank Act and the tighter supervisory standards for foreign banks operating in the United

The Risks Committee reports at each Board meeting on the Committee's activity and main findings,

it participated in defining the Risk Appetite Framework (including the Credit Risk Appetite), to improve the effectiveness of the controls, also in terms of governance, and in the quarterly
it submitted to the Board of Directors its assessment of the consistency with the RAF of the proposed KPIs assigned to the Group's Top Risk Takers not belonging to the Corporate Control
it monitored continuously the risk management arrangements against the Covid-19 emergency; - it assessed the adequacy of the current and future capital and liquidity position (ICAAP/ILAAP);
it monitored the 2018-2021 Business Plan and the related assessment of the Corporate Control
it monitored the evolution of the Technological Model and the progress of the Data
it carried out the prior assessment of the opinions issued by the Risk Management function on certain types of most significant transactions, among which the MSTs relevant to reputational

development, incorporated within a governance process dedicated to their maintenance.

Transformation programme, as part of the ongoing digitalisation of the Group;

and ESG-Climate Change risks have gradually become more important.

In this regard, in 2021 the Committee carried out the following activities, among other things: - it reviewed the 2021 Budget proposal, with quarterly analysis of the deviations, in combination with the strategies for protecting the net interest income on demand deposits and the Funding

ensures adequate interaction with the issues relating to remuneration and incentive policies.

monitoring of the consistency with risk appetite as defined by the Bodies;

Functions within the scope of the annual incentive system;

residual risks not covered by the plan, which must be expressly accepted by the Board.

security policy;

Management function.

R. 35 paragraph 2 R. 37 paragraph 2

R. 35 h)

States issued by the Federal Reserve.

sufficient for the performance of its duties.

through specific reports and via a summary.

it reviewed the Group Recovery Plan;
it monitored the 2018-2021 Group NPL Plan;

Functions

plan, and reviewed the cost allocation criteria;

Members	Enrolment with the Register of Statutory Auditors Practice as an auditor	Independent pursuant to the applicable regulations and the Articles of Association	Attendance percentage at meetings
Daniele Zamboni – Chair	X	X	100%
Rossella Locatelli		X	100%
Maria Mazzarella		X	100%
Andrea Sironi (*)		X	93%
Maria Alessandra Stefanelli		X	100%

In 2021, the Committee held 15 meetings. The average duration of meetings was approximately 50 minutes.

(*) Director Andrea Sironi resigned from office, effective 28 February 2022.

The Committee performs the duties and functions assigned to it by the RPT Procedures, in accordance with the provisions laid down by the Consob Regulation on related parties, the Bank of Italy regulations and Article 136 of the Consolidated Law on Banking.

Specifically, the Committee issues its opinion on the transactions that fall within the scope of the above Group Procedures, in the cases and in the manner provided for by the Procedures. In discharging its duties, the Committee complies with the guidelines issued by the competent Supervisory Authorities.

In 2021 the Committee examined 26 transactions, issuing for each a favourable, reasoned, nonbinding opinion.

The Committee also examined the updated Group Procedures regulating the conduct of transactions with related parties of Intesa Sanpaolo S.p.A., associated entities of the Group and relevant parties pursuant to Article 136 of the Consolidated Law on Banking, as well as the updated Committee Procedures, prior to their approval by the Board.

Information flows between and to Corporate Bodies

Effective information flows between and within the Corporate Bodies are an essential element of Intesa Sanpaolo's organisation and corporate governance. They enable the smooth fulfilment of the duties of the Board of Directors, the Board Committees and the Management Control Committee, and of the obligations imposed by the applicable legislation, as well as effective interaction with the Corporate Structures.

P. XX R. 11

R. 1 f)

In this regard, the Articles of Association and the Regulations of the Board and the Committees contain provisions aimed at achieving these objectives, as well as more effective coordination and full discussion between the Bodies. Specifically, the Board Regulations include, as an integral part thereof, a specific "Document on information flows" that summarises the required information flows between the Board, the Management Control Committee, other Committees and the Managing Director.

Information can be circulated periodically at pre-established deadlines or as needed in the case of single events subject to reporting obligations. These flows are a key condition for fully achieving the targets of efficient management and effective controls.

The system in place for the exchange of information between the Board as a whole, the Managing Director, the Management Control Committee and the other Committees, is appropriate, in terms of frequency and content, to ensure close and fast coordination of the functions of said Bodies while ensuring the clear separation of their respective tasks.

Processing of corporate information

Inside information and Insiders List

In line with the rules on the prevention of market abuse set out in Regulation (EU) 596 of 16 April 2014 (the "MAR Regulation") and the related European and national implementing provisions, the Bank has adopted the "Group Procedures for the management of the inside information of Intesa Sanpaolo" and the associated Process Guide; together, they govern the management of inside information regarding Intesa Sanpaolo and the Group Companies.

The Procedures are aimed at ensuring fair, efficient, prompt and transparent reporting by the Group Companies issuing financial instruments traded on regulated markets, multilateral trading systems and organised markets.

The organisational safeguards put in place to implement the applicable legislation govern the circulation of information that could have a significant effect on the prices of the financial instruments issued by Group Companies and include information monitoring and segregation measures that normally precede the entry of a record in the Insider List.

The Procedures designate the Managing Director and CEO, the Chairman of the Board of Directors and other specified Group employees and structures as the persons authorised to issue disclosures to the market regarding inside information on the Bank and the Group.

Internal Dealing

In line with EU rules on market abuse, Intesa Sanpaolo has adopted an Internal Dealing Regulation governing the disclosure obligations and operating restrictions applicable to the Board Members and to the Bank's key managers and the people closely associated with them, in relation to the execution of transactions involving the Bank's listed financial instruments (or other associated instruments).

The Regulation also governs the disclosure obligations of a party, or a person closely associated with that party, that comes to hold shares worth at least 10% of the Bank's share capital, or that comes to have control of the same.

Any transactions carried out by said parties are disclosed, including through the Bank's website.

Remuneration

Information flows between and to Corporate Bodies

targets of efficient management and effective controls.

ensuring the clear separation of their respective tasks.

Processing of corporate information

Intesa Sanpaolo and the Group Companies.

normally precede the entry of a record in the Insider List.

the market regarding inside information on the Bank and the Group.

Inside information and Insiders List

organised markets.

Internal Dealing

have control of the same.

Structures.

P. XX R. 11

R. 1 f)

The Procedures designate the Managing Director and CEO, the Chairman of the Board of Directors and other specified Group employees and structures as the persons authorised to issue disclosures to

transactions involving the Bank's listed financial instruments (or other associated instruments).

Any transactions carried out by said parties are disclosed, including through the Bank's website.

the Board, the Management Control Committee, other Committees and the Managing Director.

For the detailed mandatory information on the Remuneration of Directors and Key Managers1 and on the indemnities in the event of early cessation of office or termination of employment, see the Report on remuneration policy and compensation paid which is published by the Company as required by law and includes the Group Remuneration Policy, pursuant to Article 123-ter of the Consolidated Law on Finance, Article 84-quater of the Consob Issuers Regulation and the Supervisory Provisions on remuneration. In compliance with the Provisions issued by the Banking Supervisory Authorities, the Group Remuneration Policy also includes the Rules for identifying risk takers.

Full compliance is ensured with the binding regulatory provisions for banks and with the Principles and Recommendations of the Corporate Governance Code.

Furthermore, at Intesa Sanpaolo, the remuneration policy for Directors and Key Managers contributes to the pursuit of the Company's sustainable success and takes into account the need to have, retain and motivate people with the competence and professional skills required to successfully perform their role.

The remuneration of Non-executive Directors is set as a fixed amount at the time of their appointment and is proportionate to the competence, professional skills and commitment required by the duties entrusted to each of them within the Board also taking into account their possible participation in one or more Committees and avoiding incentive schemes in line with the Supervisory Provisions. The remuneration for participating in Board Committees includes a fixed annual amount for the Chairs of the Committees, plus an attendance fee for Committee members for each meeting actually attended. The remuneration of the members of the Management Control Committee is set by the Shareholders' Meeting at the time of their appointment and for the entire term of their office, proportionate to the competence, professional skills and commitment required. This specific remuneration consists exclusively of a fixed amount, which is equal for each Member and higher for the Chair.

The Remuneration policy for the Managing Director and CEO and the Key Managers is established by the Board of Directors, with the support of the Remuneration Committee. The policy, which complies with the Supervisory Provisions and the principles and recommendations of the Corporate Governance Code, establishes, among other things:

a correct balance between the fixed and variable components of the remuneration, consistent with the strategic objectives and risk management policy, providing that the variable component makes up a significant proportion of the overall remuneration;
specific performance targets, including non-financial ones, linked to the payment of the variable components, which are predetermined, measurable and relating to a significant extent to the medium-long term horizon. Said targets are consistent with the company's strategic objectives, aim to promote its sustainable success and are adjusted for the risks taken;
caps on the payment of the variable component2;
an appropriate deferral period for the payment of a portion of the variable component;

P. XV R. 25 paragraph 2

R. 29

R.30

P. XVI R. 25 a)

R. 27

¹ This category also includes top management pursuant to the Corporate Governance Code.

² The Intesa Sanpaolo Group determined the cap on the variable remuneration, in general, at 100% of the fixed remuneration, except for Corporate Control Function roles and similar roles (i.e. the Manager responsible for preparing the Company's financial reports and the Head of the Safety and Protection Head Office Department as the Group Data Protection Officer) who have a cap of 33% of the fixed remuneration. The cap has been raised for some specific categories of staff, in compliance with the provisions and procedures laid down in the applicable legislation, as described in detail in the Report on remuneration policy and compensation paid.

the payment of a portion of the variable remuneration in financial instruments subject to postvesting holding periods (retention);
clawback and malus mechanisms; as well as
clear and predetermined rules for possible severance indemnities.
The share-based remuneration and incentive plans (both short and long term) for the Managing Director and CEO and the Key Managers are aligned with the interests of the shareholders over a medium/long-term horizon, and include appropriate vesting and retention periods, in line with the applicable legislation. R.28

For the heads of the Corporate Control Functions, as defined by the Supervisory Provisions on the control system, the incentive schemes are consistent with the tasks assigned and independent of the results achieved by the areas subject to their control.

As already highlighted, the Board of Directors has established a Remuneration Committee within the Board, composed of Non-executive Directors, most of whom are independent. The Chair of the Remuneration Committee is chosen from among the Independent Directors. In appointing the Committee members, the Board took into consideration their professional skills to ensure that at least one member has appropriate knowledge and experience in financial matters or R.26

The Articles of Association, in accordance with applicable legislation, require the approval of the Bank's Ordinary Shareholders' Meeting for:

the remuneration policies for members of the Board of Directors and for personnel;
plans based on financial instruments;

remuneration policies.

R.31

the criteria for determining severance payments for early termination of employment or early cessation of office, including the caps on such payments in accordance with the applicable legislation
the proposal, if any, by the Board of Directors to set a limit on the ratio of the variable to the fixed components of remuneration for individual employees of more than 1:1 but not exceeding the maximum limit established by the legislation.

After the internal processes for the allocation or payment of indemnities and/or other benefits to the Managing Director and/or Key Managers are completed, the Bank discloses the required detailed information to the public.

Operating structure

Divisions, Governance Areas and Head Office Departments reporting directly to the Managing Director and CEO

To maximise organisational focus on the individual business areas and the specialisation of operating and business processes and to ensure the necessary overall coherence of Group governance, the Parent Company is divided into six Divisions – each consisting of groups of business lines with similar characteristics in terms of products and services provided and regulatory framework – Head Office Departments and Staff Units, most of which are grouped into Governance Areas reporting directly to the Managing Director and CEO.

Said functions are set out below:

Divisions
- Banca dei Territori;
- IMI Corporate & Investment Banking;
- International Subsidiary Banks;
- Private Banking;
- Asset Management;
- Insurance.
Governance Areas/Head Office Departments reporting directly to the Managing Director and CEO
- Chief Operating Officer Governance Area;
- Chief IT, Digital and Innovation Officer Governance Area;
- Chief Cost Management Officer Governance Area;
- Chief Lending Officer Governance Area;
- Chief Financial Officer Governance Area;
- Chief Risk Officer Governance Area;
- Chief Compliance Officer Governance Area;
- Chief Governance Officer Governance Area;
- Chief Institutional Affairs and External Communication Officer Governance Area;
- Strategic Support Head Office Department;
- Safety and Protection Head Office Department.

In addition to the aforesaid structures, the Chief Audit Officer reports directly to the Board of Directors to ensure his/her necessary autonomy and independence.

The Heads of the Organisational Structures of the Divisions, Governance Areas and Head Office Departments reporting directly to the Managing Director and CEO, and the Heads of Group companies, within the general policy and guidelines framework, are tasked with achieving objectives in their specific areas, also through the optimum use of assigned human and technical resources.

For additional information on Intesa Sanpaolo's organisational structure, see the Bank's website ("Intesa Sanpaolo Group" / "About us", "'Organisational structure and Top Management" pages).

Lastly, it should be noted that all Bank Structures operate on the basis of specific Regulations establishing the scope of their powers and responsibilities, which are disseminated throughout the Bank, together with the operating procedures that govern how all the Bank's various processes are to be performed. All the main decision-making and implementing processes concerning Bank operations are codified and can be monitored and viewed by the entire Structure.

Group Managerial Committees

As part of the mechanisms put in place to guarantee effective management of the operational matters relevant to the entire Group, monitor effectively the Group's risk profile, and ensure an appropriate level of internal communication and discussion, special Managerial Committees are established by the Bank, composed of Bank Executives and Members of the Group companies' top management.

The Articles of Association assign to the Board of Directors the task of establishing and determining the composition, duties and powers of each of the Managerial Committees.

The following Committees operated in 2021:

Steering Committee, chaired by the Managing Director and CEO and consisting of the Bank's first management line, where the Managing Director and CEO and his/her direct reports discuss decisions/processes of particular relevance to the company's management.

In this context, the Steering Committee acts as a management decision-making, consultative and reporting body whose duties include:

assisting the Managing Director and CEO;
collaborating with the Managing Director and CEO in drafting the Business Plan and implementing the key management initiatives;
strengthening the coordination and the cooperation mechanisms between the various business, governance and control areas of the Bank and the Group, to share the main business choices;
helping ensure coordinated and integrated risk management, and the safeguarding of business value at Group level.

To this end, the Committee operates both through Plenary Sessions (where the Managing Director and CEO considers it useful to involve the entire top management on major issues), and through specific separate thematic sessions (Business Plan and Sustainability (ESG), Shareholdings, Investments, Group Risk Analysis, Credit Strategies, Recovery & Resolution Plan, Supervisory Remediation Plans).

Group Financial Risk Committee: a technical body with decision-making, advisory and reporting powers, focused both on the banking business (proprietary financial risks for banking and trading books, as well as Active Value Management) and the life and non-life insurance business (exposure of results to the trend in market and technical variables).
Group Control Coordination and Non-Financial Risks Committee: a technical body operating in line with the guidelines set by the Parent Company's Board of Directors and on the basis of the operational and functional powers delegated to it by the Board, to strengthen coordination and interdepartmental cooperation mechanisms:
- o with regard to the Group internal control system, facilitating the integration of the risk management process;
- o in relation to non-financial and reputational risks, supporting their effective management.
Group Credit Committee: a technical body, comprising a Performing Loans Session and a Non-Performing Loans Session, with a decision-making and advisory role that is tasked with ensuring the coordinated management of issues relating to credit risk, making decisions on credit facilities and adjustments/write-offs to the extent of its assigned powers and issuing "compliance opinions" on the resolution proposals from subsidiaries.
Hold to Collect and Sell (HTCS) Sign-Off Committee: a technical body with qualified competence concerning the market risk-taking proposals made by the business structures of the Parent Company or the subsidiary banks, on the HTCS shares required for Originate to Share ("OtS") transactions. These transactions consist of loans originated in order to be distributed to third-party operators on the primary or post-primary market and which, at origination, have a holding period of no more than 12 months.
Credit Risk and Pillar 2 Internal Models Committee: a technical body with decision-making, reporting and advisory role, which assesses the issues relating to the relevant models and supports the Managing Director and CEO in performing the associated duties. Its scope of operation includes i) internal credit risk measurement and management models and ii) internal models relating to Pillar 2 risks (excluding Pillar 2 models for the measurement and quantification of Banking Book financial risks, which are handled by the Group Financial Risk Committee, and Pillar 2 models for the measurement and quantification of operational and reputational risks, which are handled by the Group Control Coordination and Non-Financial Risks Committee).

Each Committee follows specific Regulations governing its organisation and operation, approved by the Board of Directors.

Diversity and inclusion policy

The following Committees operated in 2021:

reporting body whose duties include:

value at Group level.

Remediation Plans).

assisting the Managing Director and CEO;

implementing the key management initiatives;

of results to the trend in market and technical variables).

interdepartmental cooperation mechanisms:

on the resolution proposals from subsidiaries.

Group Control Coordination and Non-Financial Risks Committee).

management process;

no more than 12 months.

the Board of Directors.

Steering Committee, chaired by the Managing Director and CEO and consisting of the Bank's first management line, where the Managing Director and CEO and his/her direct reports discuss

In this context, the Steering Committee acts as a management decision-making, consultative and

collaborating with the Managing Director and CEO in drafting the Business Plan and

strengthening the coordination and the cooperation mechanisms between the various business, governance and control areas of the Bank and the Group, to share the main business choices; helping ensure coordinated and integrated risk management, and the safeguarding of business

Group Financial Risk Committee: a technical body with decision-making, advisory and reporting powers, focused both on the banking business (proprietary financial risks for banking and trading books, as well as Active Value Management) and the life and non-life insurance business (exposure
Group Control Coordination and Non-Financial Risks Committee: a technical body operating in line with the guidelines set by the Parent Company's Board of Directors and on the basis of the operational and functional powers delegated to it by the Board, to strengthen coordination and

o with regard to the Group internal control system, facilitating the integration of the risk

o in relation to non-financial and reputational risks, supporting their effective management.

Group Credit Committee: a technical body, comprising a Performing Loans Session and a Non-Performing Loans Session, with a decision-making and advisory role that is tasked with ensuring the coordinated management of issues relating to credit risk, making decisions on credit facilities and adjustments/write-offs to the extent of its assigned powers and issuing "compliance opinions"
Hold to Collect and Sell (HTCS) Sign-Off Committee: a technical body with qualified competence concerning the market risk-taking proposals made by the business structures of the Parent Company or the subsidiary banks, on the HTCS shares required for Originate to Share ("OtS") transactions. These transactions consist of loans originated in order to be distributed to third-party operators on the primary or post-primary market and which, at origination, have a holding period of
Credit Risk and Pillar 2 Internal Models Committee: a technical body with decision-making, reporting and advisory role, which assesses the issues relating to the relevant models and supports the Managing Director and CEO in performing the associated duties. Its scope of operation includes i) internal credit risk measurement and management models and ii) internal models relating to Pillar 2 risks (excluding Pillar 2 models for the measurement and quantification of Banking Book financial risks, which are handled by the Group Financial Risk Committee, and Pillar 2 models for the measurement and quantification of operational and reputational risks, which are handled by the

Each Committee follows specific Regulations governing its organisation and operation, approved by

decisions/processes of particular relevance to the company's management.

Intesa Sanpaolo has adopted Diversity & Inclusion Principles to clarify and translate into practice its commitment to implementing and disseminating, within and outside the Group, an inclusion policy that embraces all forms of diversity, including gender, age, culture, religion, physical and mental conditions and any other personal characteristics, including freedom of thought and expression. R. 8

The document complements the Group's Code of Ethics and Internal Code of Conduct, building on the message concerning the Group's core values and helping to implement the provisions on Diversity and Inclusion laid down in the Business Plan.

The Principles set out in the document apply to all Intesa Sanpaolo Group people in their dealings with internal and external stakeholders and to the members of the management and control bodies. Compliance with the Principles is also required of agents, independent financial advisors, collaborators and suppliers.

The document sets out the principles underpinning the inclusion policy, namely (i) respect for all individuals in the expression of their identity and diversity, (ii) promotion of each person's talents, (iii) meritocracy and (iv) equal opportunities.

Specifically, Intesa Sanpaolo has a strong focus on gender equality, with precise commitments to promote gender-balanced career opportunities, encourage the presence of women at all levels of the hierarchy and contrast the gender pay gap.

The Group's recruitment practices are also characterised by the promotion of gender balance and all dimensions of diversity, including multicultural elements.

The Chief Operating Officer, with the support of the dedicated Diversity & Inclusion Structure, proposes objectives and guidelines in this area, promoting their implementation through projects and work plans designed for the Divisions, Governance Areas and Group Companies. The Chief Operating Officer also prepares an annual report for the Parent Company's Board of Directors on the work done and the results achieved.

More broadly, Intesa Sanpaolo has received a number of international recognitions for its commitment to Diversity & Inclusion.

Intesa Sanpaolo was included for the fifth consecutive year in Bloomberg's Gender Equality Index 2021 (GEI) – a thematic index on gender equality launched by Bloomberg in 2018 – obtaining a score of 82.39%, well above the average of financial sector companies.

Intesa Sanpaolo was also confirmed in the Refinitiv Diversity and Inclusion Index 2021, for its commitment to supporting inclusion and protecting diversity. The index analyses data from listed companies globally and identifies the top 100 companies at the forefront of inclusion and diversity practices in the workplace. Intesa Sanpaolo ranks 50th out of 11,000 companies analysed, the sixth bank globally, the first bank in Europe and the only bank in Italy.

In 2021, Intesa Sanpaolo was the first bank in Italy and among the first in Europe to receive the Gender Equality and Diversity European & International Standard (GEEIS-Diversity), an international certification issued by the Arborus Association through the certifying body Bureau Veritas, aimed at assessing the commitment of organisations to diversity and inclusion. The audit process looked at data, HR processes, policies and action plans with a focus on the close connection between collecting feedback, implementing actions and projects, and monitoring results.

Furthermore, the Group's policy envisages actions to promote the value of inclusion also externally, in the socio-economic context and the communities in which it operates.

P. XVIII P. XIX P. XX

Part III – Control and risk management system

Main characteristics

In accordance with the Supervisory Provisions on the control system, the Company has adopted the "Integrated Internal Control System Regulation", which sets out the guidelines for the control system of Intesa Sanpaolo, in its capacity as Bank and Parent Company of the Banking Group. The Regulation implements the reference principles and establishes the responsibilities of the Bodies and functions with control duties, which contribute, within their respective remits, to the proper functioning of the internal control system. The Regulation also establishes the coordination arrangements and information flows supporting the system's integration.

The document establishes the reference framework of the Intesa Sanpaolo Group's internal control system, which includes the principles and rules on controls that must be reflected and incorporated in the Group's internal regulations with reference to specific areas of prudential supervision.

The Group companies have implemented the Regulation and – where applicable – adopted a corresponding internal regulation setting out the guidelines of their respective internal control systems.

The internal control system is built around a set of rules, functions, structures, resources, processes and procedures aimed at ensuring, in compliance with sound and prudent management, the achievement of the following objectives:

verification of the implementation of company strategies and policies;
containment of risks within the limits set out in the reference framework for determining the Bank's risk appetite (Risk Appetite Framework);
safeguard of asset value and protection from losses;
effectiveness and efficiency of corporate processes;
reliability and security of corporate information and IT procedures;
prevention of the risk that the Bank may be involved, even unbeknownst to it, in illegal activities (especially those linked to money-laundering, usury and terrorist financing);
compliance of business operations with the law and supervisory regulations, as well as internal policies, procedures and regulations.

The internal control system plays a crucial role and involves the entire corporate organisation (Bodies, structures, hierarchical levels, all personnel).

In line with laws, Supervisory regulations and the recommendations of the Corporate Governance Code, the internal control system put in place by the Bank is suitable for continuously identifying, measuring, managing and monitoring the typical risks of its business activity and of the Group companies' activities. The system involves the Corporate Bodies, Managerial Committees, special internal control functions, the Surveillance Body and the Manager responsible for preparing the Company's financial reports. The independent auditors also contribute to the control system.

In compliance with the guidelines issued by the Corporate Bodies, the internal control system has been designed so as to constantly identify, manage and monitor business-related risks. The system is largely built on the Supervisory Provisions on the control system, on corporate governance and on investment services and activities, and takes into account the developments in international best practices.

The internal control system consists of three levels, in line with the legal and regulatory provisions in force. The model has the following types of control:

firstly, line controls, which are designed to ensure the proper conduct of operations and where possible, are incorporated into IT procedures. They are carried out by the same operating and business structures ("Level I control functions"), including through units dedicated solely to control duties reporting to the heads of the same structures or performed as part of the back office;

R. 32 a) b) c) d) e) f)

the second level consists of the risks and compliance controls, which are intended to ensure, among other things: R. 32 e)
- o correct implementation of the risk management process;
- o compliance with the operating limits assigned to the various functions;

o compliance of business operations with the rules, including those on self-regulation.

The functions responsible for these controls ("Level II control functions") are separate from operating functions and contribute to defining the risk governance policies and risk management process. In the Intesa Sanpaolo Group, Level II functions are carried out by the following Parent Company structures and the corresponding structures in the Group companies, where existing:

Chief Compliance Officer Governance Area, to which the Anti Financial Crime Head Office Department also reports;
Chief Risk Officer Governance Area, to which the Internal Validation and Controls Head Office Department reports.

In accordance with the Supervisory Provisions, which require said functions to be independent from operating structures and separate from internal auditing, the Heads of the Chief Risk Officer Governance Area and the Chief Compliance Officer Governance Area report directly to the Managing Director and CEO and, as required by the legislation, have direct access to the Corporate Bodies, to which they report, without restrictions or intermediation, on the findings from the monitoring activities carried out;

the third level consists of internal audit controls, aimed at identifying violations of procedures and regulations, as well as periodically assessing the completeness, adequacy, functionality (in terms of efficiency and effectiveness) and reliability of the organisational structure of the other components of the internal control system and information system (ICT audit) at Group level. The frequency of these controls is scheduled according to the nature and extent of the risks. R. 32 d)

Internal auditing is carried out by the Parent Company's Chief Audit Officer and by the equivalent local units of Group companies, where established.

In line with the Supervisory Provisions, the Chief Audit Officer reports directly to the Board of Directors and functionally to the Management Control Committee. R. 35 f)

In Intesa Sanpaolo, there are also other functions with control tasks, such as the Business Continuity function and the Cybersecurity function.

The internal control system has a comprehensive set of information flows with the Bodies, the various structures concerned and the Group companies to enable full and effective control of risk factors. P. XX

As mentioned, the "Integrated Internal Control System Regulation" of Intesa Sanpaolo also establishes specifically the procedures for coordination and collaboration between the Functions having control duties, to ensure the control system is effectively integrated and all corporate risks are appropriately controlled.

The single elements of the internal control system are monitored by the Control Functions themselves, within the scope of their respective competence and within Group Control Coordination and Non-Financial Risks Committee, in the Integrated Internal Control System session. The aim of this session is to strengthen coordination and interdepartmental cooperation mechanisms on the internal control system and to aid the integration of the risk management process.

To this end, the Control Functions put in place appropriate coordination and collaboration mechanisms, based on specific "integration parameters", applied across the phases of the risk management process:

building a common language;
adopting detection and assessment methods and instruments;
designing risk reporting templates;
holding official coordination sessions for activity planning;
ensuring continuous information flows;

sharing the identification of remedial actions; • building a risk culture
the second level consists of the risks and compliance controls, which are intended to ensure, among

Chief Compliance Officer Governance Area, to which the Anti Financial Crime Head Office
Chief Risk Officer Governance Area, to which the Internal Validation and Controls Head Office

the third level consists of internal audit controls, aimed at identifying violations of procedures and regulations, as well as periodically assessing the completeness, adequacy, functionality (in terms of efficiency and effectiveness) and reliability of the organisational structure of the other components of the internal control system and information system (ICT audit) at Group level. The frequency of these

Internal auditing is carried out by the Parent Company's Chief Audit Officer and by the equivalent

In line with the Supervisory Provisions, the Chief Audit Officer reports directly to the Board of

In Intesa Sanpaolo, there are also other functions with control tasks, such as the Business Continuity

o compliance of business operations with the rules, including those on self-regulation.

structures and the corresponding structures in the Group companies, where existing:

o correct implementation of the risk management process;

o compliance with the operating limits assigned to the various functions;

controls is scheduled according to the nature and extent of the risks.

Directors and functionally to the Management Control Committee.

system and to aid the integration of the risk management process.

• adopting detection and assessment methods and instruments;

• holding official coordination sessions for activity planning;

local units of Group companies, where established.

function and the Cybersecurity function.

• building a common language;

• designing risk reporting templates;

• ensuring continuous information flows;

other things:

R. 32 e)

R. 32 d)

R. 35 f)

P. XX

carried out;

controlled.

Department also reports;

Department reports.

In this context, the adequacy of the system's key elements is assessed on an ongoing basis by the Corporate Bodies, and is taken into consideration, respectively, in the report on operations attached to the Parent Company's financial statements, in this Report and in the report pursuant to Article 153 of the Consolidated Law on Finance.

To strengthen further the internal control system and in compliance with the regulations issued by the Bank of Italy, the "Group rules on the internal reporting system of violations (Whistleblowing)" have been drafted and made available to employees who may report, not anonymously, facts or conduct that may constitute a breach of the rules governing banking activities and any other irregular conduct of which they may become aware.

The reporting system ensures the confidentiality of the whistle-blower, excluding the risk of retaliatory, unfair or discriminatory behaviours.

After the above overview, the main elements of the internal control system are described below, including the structure of financial information controls (comprising the duties of the Manager responsible for preparing the Company's financial reports, the financial information control system and the independent audit), the role performed by the Corporate Control Functions as defined in the Supervisory Provisions (risk control, regulatory compliance, internal auditing, anti-money laundering and validation) and crime prevention models.

The role of the Corporate Bodies

The task of ensuring the completeness, adequacy, functionality and reliability of the internal control system at Group level is entrusted to the Corporate Bodies, in compliance with the Supervisory Provisions on the control system and the Supervisory Provisions on corporate governance.

Specifically, in order to ensure an integrated and consistent internal control system and adequate monitoring of the risks to which the Group is or may be exposed, the Group-level strategic decisions concerning the internal control and risk management system are under the remit of the Board of Directors of Intesa Sanpaolo, as the Parent Company. Thus, the Board plays this role not only with reference to the Parent Company, but also assessing the Group's overall operations and the overall risks to which it is exposed.

The Board, with the support of the Risks Committee and taking into account the proposals of the Managing Director and CEO, is in charge of establishing and approving the overall governance and organisational structure of the Bank and the Group, the guidelines of the internal control system, the risk appetite and the risk governance policies and processes. The Board is also responsible for guidance and control with respect to the information system (including supervising the analysis of IT risk) and business continuity. R. 33 a)

The Board also approves the establishment of the internal control functions, outlining their duties and responsibilities, and appoints the Manager responsible for preparing the Company's financial reports and the heads of the Corporate Control Functions (Chief Audit Officer, Chief Risk Officer, Chief Compliance Officer, Head of the Validation Department of internal risk measurement systems, Head of the Anti-Money Laundering Department). The Board also appoints the Head of Suspicious Activity Reporting, in line with the anti-money laundering regulation, as well as the Manager responsible for the Business Continuity Plan.

The Board examines the reports prepared, at least annually, by the Corporate Control Functions and approves the annual work plan, including the audit plan and the multi-year audit plan prepared by the head of the internal auditing function, after their examination by the Risks Committee and the Management Control Committee.

In addition, the Board evaluates the remarks made by the independent auditor in the letter of recommendations, if any, and in the additional independent audit report, pursuant to Article 11 of Regulation (EU) 537/2014, after their examination by the Management Control Committee and the Risks Committee.

In performing its strategic supervision and guidance functions on the internal control system and risk matters, the Board of Directors is supported by the Risks Committee. R. 32 c)

P. XIX R. 33 a)

P. XIX R. 32 a)

R. 33 g)

R. 33 b), d)

R. 33 c) R. 36 a)

R. 33 f)

The Management Control Committee, which acts as the statutory Control Body, is tasked with supervising the completeness, adequacy, functionality and reliability of the internal control system and Risk Appetite Framework, as well as the business continuity plan. R. 32 f)

The Committee also verifies the effectiveness of all the structures and functions involved in the control system and their proper coordination, and promotes actions to correct any deficiencies or irregularities detected.

The Committee monitors the effectiveness of the control, internal auditing and risk management systems, as well as the financial reporting process, the audit of the annual or consolidated financial statements, and the independence of the independent auditors, also in its capacity as Internal Control and Audit Committee pursuant to Italian Legislative Decree No. 39/2010. In the latter role, it is also tasked with notifying the Board of Directors of the outcome of the independent audit and sending to it the report pursuant to Article 11 of Regulation (EU) 537/2014.

To carry out its functions, the Committee receives adequate information flows from the other Corporate Bodies and the corporate functions, including control functions.

Specifically, the Committee receives from the control functions the work plans, the periodic reports, which are prepared at least annually, and information flows on specific situations or company trends, in particular on any significant deficiencies or breaches detected.

The Committee exchanges information of mutual interest and, where appropriate, coordinates with the Risks Committee for the performance of the respective duties, including in relation to acts and disclosures of mutual interest; it also liaises closely with the subsidiaries' control bodies, to contribute to the timely exchange of all relevant information.

The Managing Director and CEO has the power to submit proposals for resolutions concerning the internal control and risk system, without prejudice to the power of proposal reserved for individual Directors and Board Committees. The Managing Director is also in charge of implementing all the Board resolutions, in particular implementing the strategic guidelines, the RAF and the risk governance policies defined by the Board.

The Managing Director ensures the integrated management of all corporate risks, assessing the internal and external factors that may give rise to them and their interaction, and takes the measures necessary to make the organisation and the internal control system compliant with the regulatory principles and provisions, continuously monitoring compliance at Bank and Group level. The Managing Director also issues provisions to ensure that the various corporate functions implement the risk management and control process at Bank and Group level; he coordinates the structure and operations of the internal risk measurement systems and the ICAAP and ILAAP process, in line with the Supervisory Provisions, the strategic guidelines, the RAF and the risk governance policies defined and approved by the Board.

The role of the Managerial Committees

During 2021, within the scope of the risk control and management system, a key role was performed by the Managerial Committees operating within the scope of the Bodies' prerogatives and the specific skills of the corporate control functions.

For a description of the Managerial Committees' duties, see the paragraph "Group Managerial Committees" in the "Operating structure" chapter.

With reference to the internal control and risk management system, the activities carried out by the following Committees are noted below:

the Group Control Coordination and Non-Financial Risks Committee pursues the goal of reinforcing coordination and interdepartmental cooperation mechanisms within the Group internal control system, promoting the integration of the risk management process.

In the context of the "Integrated Internal Control System" session, the Committee monitors the implementation and ongoing maintenance of the integrated internal control system.

Within the "Operational and Reputational Risk" session, the Committee has the task of issuing prior opinions on Group policies for operational and reputational risk control submitted for approval by the Board of Directors. The Committee is also tasked with overseeing the management of events of significant impact and relevance as well as the Group's overall non-financial risk profile, assessing the mitigation plans (approving them if the RAF early warning thresholds for the monitoring of the internal control system are exceeded) and monitoring the implementation of the mitigation measures (possibly based on guidance from the Corporate Bodies and/or the Steering

Committee) and approving, on the instructions of the Board of Directors, the operational risk transfer strategies. Within the Compliance Risk Session, the Committee examines the results of the periodic compliance risk assessment process and the annual plan of risk management measures; it monitors the evolution of legislation and of the regulators' expectations and their main impacts on the processes; it examines, assesses and monitors the mitigation plans prepared by the structures in charge of resolution actions in the event of high-impact and high-relevance problems, and it monitors the development of Risk Appetite Framework limits and thresholds.

The Committee sessions are attended by the Heads of the Corporate Control Functions and by the Manager responsible for preparing the Company's financial reports. Participation in the Committee sessions by the Manager responsible for preparing the Company's financial reports as a permanent member helps said Manager to discharge his statutory duties and fulfil his role under the Company Regulations to supervise the financial reporting process. It also furthers the cross-functional coordination and integration of control activities in this area;

the Steering Committee contributes to coordination and integrated risk management and to the safeguarding of the corporate value at Group level, including the correct functioning of the internal control system. The "Group Risk Analysis" Session is aimed at ensuring risk monitoring and management, in implementation of the strategic guidelines and management policies defined by the Board. This session has several risk-related responsibilities, including examining the draft Group Risk Appetite Framework and the Risks Tableau de Bord; in this session, the Committee is also informed of the contents of the Group's ICAAP and ILAAP package.

Furthermore, in the "Credit Strategies" Session, the Steering Committee reviews the draft Credit Strategy and periodically checks its correct implementation and considers any necessary corrective measures;

the Group Financial Risk Committee's functions comprise two sessions:

The Management Control Committee, which acts as the statutory Control Body, is tasked with supervising the completeness, adequacy, functionality and reliability of the internal control system and

To carry out its functions, the Committee receives adequate information flows from the other Corporate

For a description of the Managerial Committees' duties, see the paragraph "Group Managerial

With reference to the internal control and risk management system, the activities carried out by the

the Group Control Coordination and Non-Financial Risks Committee pursues the goal of reinforcing coordination and interdepartmental cooperation mechanisms within the Group internal control

implementation and ongoing maintenance of the integrated internal control system.

In the context of the "Integrated Internal Control System" session, the Committee monitors the

system, promoting the integration of the risk management process.

Risk Appetite Framework, as well as the business continuity plan.

the report pursuant to Article 11 of Regulation (EU) 537/2014.

Bodies and the corporate functions, including control functions.

particular on any significant deficiencies or breaches detected.

the timely exchange of all relevant information.

The role of the Managerial Committees

Committees" in the "Operating structure" chapter.

policies defined by the Board.

approved by the Board.

of the corporate control functions.

following Committees are noted below:

detected.

R. 32 f)

R. 37 paragraph 2

R 32 b) R 34

the Risk Analysis and Assessment Session, responsible for evaluating, ahead of the Board's approval, the guidelines on undertaking and measuring financial and liquidity risk and the proposals for operational limits, and responsible, within the scope of its powers, for assigning the related values to the Parent Company, with possible breakdown by Division or operational segment, and to the Group Banks and Companies. The session also verifies the financial risk profile and the exposure to liquidity and interest rate risk of the Group and individual Group Banks and Companies;
the Management Guidelines and Operating Choices session, which issues operational guidelines for implementing the strategic guidelines and risk management policies defined by the Board of Directors for banking book management and for liquidity, interest rate and exchange risks and periodically verifies the Group's overall financial risk profile, as well as the appropriate measures for mitigating such risk;
the Credit Risk and Pillar 2 Internal Models Committee oversees the issues relating to credit risk measurement and management internal models, as well as the internal models for Pillar 2 risks (excluding Banking Book financial risks, which are covered by the Group Financial Risk Committee and the Pillar 2 models for the measurement and quantification of operational and reputational risks, which are covered by the Group Control Coordination and Non-Financial Risks Committee);
the Hold To Collect and Sell (HTCS) Sign-Off Committee has qualified competence on the market risk taking proposal made by the business structures of the Parent Company or the subsidiary banks on the HTCS shares required for Originate to Share ("OtS") transactions;
the Group Credit Committee has a decision-making and advisory role to ensure the coordinated management of credit risk issues within the scope of the powers assigned to it by the Board of Directors.

Corporate Control Functions

The Chief Audit Officer

R. 32 d) R. 36 paragraph 1

The internal auditing function is carried out by the Chief Audit Officer, who reports directly to the Board of Directors (and, on its behalf, to its Chairman), and also reports functionally to the Management Control Committee, while appropriately liaising with the Managing Director and CEO. The Chief Audit Officer does not have any direct responsibilities for the operational areas.

This Function has a structure and a control model in line with the organisational structure of Intesa Sanpaolo and the Group.

The Chief Audit Officer - to whom the Internal Audit Structures of the Italian and international companies of the Group functionally report - enjoys the necessary autonomy and independence from the operating structures; the Function has access to all the activities conducted at both the head office departments and the local structures. The Bank's audit function cannot be entrusted to external parties; where third parties are entrusted with relevant services for the operation of the internal control system (e.g. data processing), the Internal Auditing Department must have access also to the activities of said parties.

The structure performs overall level-III assessment of the internal control system, recommending possible improvements to the Corporate Bodies, in particular as regards the RAF, the risk management process and their measurement and control tools.

In particular, it assesses the completeness, adequacy, functionality and reliability of the components of the internal control system, the risk management process and the corporate processes, also with regard to their ability to identify and prevent errors and irregularities. In this context, inter alia, it audits the risk control and regulatory compliance corporate functions, also through participation in projects, so as to generate added value and improve the effectiveness of the control and corporate governance processes. The audit action concerns directly both Intesa Sanpaolo and the Group companies.

The Internal Auditing Department is also responsible for assessing the effectiveness of the RAF definition process, the internal consistency of the overall framework and the compliance of Bank operations with the RAF. In the context of the RAF, the Chief Audit Officer contributes to the Integrated Risk Assessment conducted by the corporate control functions and by the Manager responsible for preparing the Company's financial reports.

The structure has personnel with the appropriate professional skills and expertise, and operates in accordance with best practices and the international standards for the professional practice of internal auditing established by the Institute of Internal Auditors (IIA). The Internal auditors conduct their activity in line with the principles laid down in the Internal Auditor's Code of Ethics, which is modelled on that proposed by the Institute of Internal Auditors. As required by the international standards, this Function undergoes an external Quality Assurance Review at least every five years. The latest review was launched at the end of 2018 on the request of the Management Control Committee and ended in the first quarter of 2019, confirming the highest assessment on the scale ("Generally Compliant"). At the end of 2021, a new assessment was launched and will end in the first quarter of 2022.

The Function uses structured risk assessment methods to identify the most sensitive areas and the main new risk factors. Based on the findings of the risk assessment and the resulting priorities, as well as on any specific requests for further investigation made by Top Management or the Corporate Bodies, it prepares and submits an Annual Action Plan for prior examination by the Management Control Committee and subsequent approval by the Board of Directors, on the basis of which it conducts its activities during the year. The Function also prepares a Multi-Year Plan.

The Plan may be revised during the year as a result of extraordinary events, also deriving from potential risk evolution and from new requests from the Corporate Bodies. The Chief Audit Officer ensures the proper performance of the internal whistleblowing management process.

The Chief Audit Officer supports corporate governance and ensures that Top Management, the Corporate Bodies and the competent Authorities receive timely and frequent information on the status of the control system and on the results of the activities carried out.

R. 36 a) e)

R. 33 b) R. 36 paragraph

R. 36 b) c)

Audits are performed directly for the Parent Company, as well as for subsidiaries under an outsourcing contract; for other Group entities that have their own internal audit functions, on the other hand, indirect control is maintained.

In the latter case, the indirect audit is conducted via the steering and functional coordination of the Auditing structures in the Italian and international banks and subsidiaries, to ensure consistent controls and due examination of the different types of risks, also verifying the structural and operational effectiveness and efficiency of said auditing structures. Furthermore, direct audit and verification are also performed in the institutional capacity as Parent Company.

Any weaknesses are systematically reported to the Corporate Functions concerned for prompt remedial action, with appropriate follow-up to monitor the effectiveness of said action.

Summary internal control system assessments from the checks are periodically submitted to the Management Control Committee and the Board of Directors.

The audit reports with a negative opinion or major shortcomings are sent in full to the Board, the Managing Director and CEO and the Management Control Committee, as well as the Boards of Directors and Boards of Statutory Auditors of the subsidiaries concerned.

R. 36 d)

The main weaknesses detected and their evolution over time are included in the Audit Tableau de Bord (TdB), with evidence of the ongoing mitigation actions, the parties responsible for implementing them and the relevant deadlines, to ensure systematic follow-up.

The Chief Audit Officer coordinates the "Integrated Internal Control System" session of the Group Control Coordination and Non-Financial Risks Committee; he/she supports the "231 Model" Surveillance Body in ensuring constant and independent verification of the regular performance of operations and processes, to prevent or detect anomalous and risky conduct or events, and in monitoring the compliance and effectiveness of the rules in the 231 Model; lastly, he/she participates in the Plenary, Business Plan and Sustainability (ESG) and Supervisory Remediation Plans sessions of the Steering Committee and, upon specific request, also in the Investments session.

Internal Auditing ensures constant self-assessment of its efficacy and efficiency in line with the internal "quality assurance and improvement" plan drafted in accordance with the recommendations of the international standards for the professional practice of internal auditing. In this context, in 2021, in line with the roadmap set out in the 2018-2021 Business Plan, the Function's evolution programme named Future Audit Solutions and Transformation (FAST) came to an end and the new programme, Strategic Audit Innovation Line-up (SAIL), was launched for the period 2022-2025 in line with the new Business Plan.

The Chief Risk Officer

The Chief Risk Officer, directly reporting to the Managing Director and CEO, is the head of the Governance Area of the same name in charge of the risk management functions, which includes the controls on the risk management process and, through the Internal Validation and Controls Head Office Department, the internal validation process.

The Chief Risk Officer Governance Area is one of the pillars of the "second line of defence" of the internal control system, and as such it is separate and independent from the business functions. Functional reports to this Area include the risk control functions of subsidiaries with a decentralised management model and the representatives of the Parent Company's risk control function at the subsidiaries with a centralised management model.

The main duties of the Chief Risk Officer Governance Area are as follows:

governing the macro-process of definition, approval, control and implementation of the Group's Risk Appetite Framework (RAF) with the support of the other corporate functions involved;
consistent with corporate strategies and objectives, assisting the Bodies in defining and implementing risk management guidelines and policies;
coordinating the implementation of risk management guidelines and policies by the relevant Group business units, also in the Group companies;
measuring and controlling the Group's exposure to the various types of risk, also verifying the implementation of the guidelines and policies mentioned in the above paragraph;

monitoring the risks for the Group's Divisions, also by developing and maintaining risk assessment systems for regulatory and management purposes;
performing level II monitoring and controls on credit quality, the composition and evolution of the various loan portfolios and the proper classification and measurement of individual exposures ("single name" controls);
performing level II monitoring and controls to monitor non-credit risks;
continuously and iteratively validating risk measurement and management systems used both to calculate capital requirements and for non-regulatory purposes, to assess their compliance with regulatory provisions, company operational needs and reference market demands and to manage the internal validation process at Group level.

The Chief Risk Officer Governance Area structures implement the management and strategic guidelines along the Bank's entire decision-making process, down to individual operational units. They also develop and maintain risk measurement, management and control systems compliant with applicable regulations and international best practices, as described in the Notes to the financial statements and the Pillar III – Basel III Disclosure.

The Chief Compliance Officer

The Chief Compliance Officer reports directly to the Managing Director and CEO, and is independent from operating structures and separate from internal auditing; this function ensures the monitoring of regulatory compliance risk at Group level, covering both operational and reputational risk, including the risk of sanctions, losses or damage arising from improper conduct towards customers or such as to jeopardise the integrity and orderly functioning of the markets (so-called conduct risk).

The Chief Compliance Officer is also the direct superior of the Anti Financial Crime Head Office Department, whose duties and responsibilities include, inter alia, those of the anti-money laundering ("AML") function.

The Chief Compliance Officer Governance Area performs the following tasks:

defining the guidelines and methodological rules for monitoring and assessing compliance risk;
identifying and assessing compliance risks and the related controls, and planning the necessary mitigation measures;
identifying the applicable regulations, assessing their impact on corporate processes and procedures and proposing the resulting organisational and procedural changes;
providing support to the corporate structures in all matters that might involve compliance risk and in the preliminary assessment of innovative projects, including the launching of new activities and the entry in new markets, of operations and new products and services to be placed on the market;
monitoring the adequacy and effective application of internal processes and procedures and of the organisational changes implemented to prevent compliance risk; more broadly, monitoring compliance with external and internal regulations by the corporate structures;
fostering a corporate culture founded on the principles of honesty, fairness and respect for the spirit and the letter of the rules;
managing relations with the Authorities with regard to compliance issues and non-compliance events.

The Chief Compliance Officer reports directly to the Governing Bodies and has access to all the Bank's activities, as well as any useful information for the performance of his/her duties.

The regulatory scope and the procedures for monitoring regulatory areas subject to significant compliance risks for the Group are defined in the Group Compliance Guidelines, in the Guidelines for combating money laundering and the financing of terrorism and for managing embargoes and in the Group Anti-Corruption Guidelines. The Chief Compliance Officer reports to the Corporate Bodies on the adequacy of compliance monitoring, with reference to all regulatory areas applicable to the Bank showing compliance risks.

The Chief Compliance Officer and the Head of Anti-Money Laundering also provide guidance, coordination and control to subsidiaries not covered by an outsourcing contract and to the International Branches, which have an internal compliance/anti-money laundering function and a local Compliance/AML Officer. The subsidiaries' Compliance/AML Officers report to the relevant Chief Compliance Officer Governance Area structures in functional terms, whereas those of the Branches report hierarchically, save where this is not permitted by the local legislation.

The Manager responsible for preparing the Company's financial reports and the monitoring of the financial reporting process

Pursuant to Article 154-bis of the Consolidated Law on Finance, Intesa Sanpaolo appoints a Manager responsible for preparing the Company's financial reports.

He/she meets specific professionalism requirements, namely appropriate mastery of financial accounting and management and control of the related administrative procedures, as required by the Articles of Association; he/she must also meet the integrity requirements established by the applicable legislation for the members of the control bodies of listed companies.

The Manager responsible for preparing the Company's financial reports has adequate powers and means for the performance of his/her functions; to this end, he/she relies on:

a dedicated organisational structure supporting him/her, which is adequate in terms of number and technical and professional skills;
the Administration and Tax Head Office Department structures;
the contribution:
monitoring the risks for the Group's Divisions, also by developing and maintaining risk assessment
performing level II monitoring and controls on credit quality, the composition and evolution of the various loan portfolios and the proper classification and measurement of individual exposures
continuously and iteratively validating risk measurement and management systems – used both to calculate capital requirements and for non-regulatory purposes, to assess their compliance with regulatory provisions, company operational needs and reference market demands and to manage

The Chief Compliance Officer is also the direct superior of the Anti Financial Crime Head Office Department, whose duties and responsibilities include, inter alia, those of the anti-money laundering

identifying the applicable regulations, assessing their impact on corporate processes and procedures
providing support to the corporate structures in all matters that might involve compliance risk and in the preliminary assessment of innovative projects, including the launching of new activities and the entry in new markets, of operations and new products and services to be placed on the market; - monitoring the adequacy and effective application of internal processes and procedures and of the organisational changes implemented to prevent compliance risk; more broadly, monitoring
fostering a corporate culture founded on the principles of honesty, fairness and respect for the spirit
managing relations with the Authorities with regard to compliance issues and non-compliance events.

The Chief Compliance Officer reports directly to the Governing Bodies and has access to all the Bank's

defining the guidelines and methodological rules for monitoring and assessing compliance risk; - identifying and assessing compliance risks and the related controls, and planning the necessary

jeopardise the integrity and orderly functioning of the markets (so-called conduct risk).

The Chief Compliance Officer Governance Area performs the following tasks:

and proposing the resulting organisational and procedural changes;

compliance with external and internal regulations by the corporate structures;

activities, as well as any useful information for the performance of his/her duties.

report hierarchically, save where this is not permitted by the local legislation.

systems for regulatory and management purposes;

the internal validation process at Group level.

performing level II monitoring and controls to monitor non-credit risks;

("single name" controls);

Basel III Disclosure.

("AML") function.

mitigation measures;

and the letter of the rules;

showing compliance risks.

The Chief Compliance Officer

of the corporate control functions and, in particular, the Internal Audit Department, which is responsible for conducting overall assurance activities over the internal control system as indicated in the "Integrated Internal Control System Regulation" and from which the said Manager acquires the outcomes of the activities carried out, in relation to the effects on the financial reporting process and on the reliability of corporate information;
of the other functions of the Parent Company and the Group companies.

The correctness of the company financial reports and of the financial reporting process are monitored in compliance with the provisions of Article 154-bis of the Consolidated Law on Finance and its implementing provisions as well as the rules on the administration and accounting system applicable to corporations controlling non-EU companies (Article 15 of Consob Market Regulation No. 20249/2017).

For the purposes of the aforesaid legal and regulatory provisions, the Manager responsible for preparing the Company's financial reports provides Group-wide guidance and coordination in administrative matters and in the monitoring of the internal control system for accounting and financial reporting and supervises the fulfilment of the legal obligations with a Group-wide approach, defined by specific internal regulations.

Control over the accounting and financial reporting process is based on the review of:

the adequacy of the processes and procedures followed to draft the company's financial reports and any other relevant financial disclosure pursuant to Article 154-bis of the Consolidated Law on Finance. The audits focus on the work stages which, within business processes, entail the recording, processing, evaluation and presentation of data and information, as well as on the controls on IT architecture and applications, especially with reference to process management and the development of synthesis systems for financial reporting;
the completeness and consistency of the information disclosed to the market through the maintenance of a system of reports and information flows with the functions of the Parent Company and companies on the significant events for the purposes of accounting and financial reporting, especially as regards the main risks and uncertainties to which they are exposed.

Italian legislation refers to no predefined standards for assessing the adequacy of the administrative and accounting procedures and ensuring the effectiveness of the related internal control system and technology infrastructure.

The international benchmarks – typically also used by independent auditors – are the COSO Framework¹ for internal control systems and the COBIT Framework² for information systems. Intesa Sanpaolo follows these benchmarks since they ensure uniformity of analysis and valuation methodologies with internationally accepted practice, based on authoritative references and widely recognised, regularly updated and accompanied by interpretative notes fostering smooth and straightforward dialogue with the regulators, the independent auditors, the relevant bodies and among the control functions.

In this regard, "financial reporting risk" has been included in the Group's integrated risk taxonomy and a measurement metric has been defined that is consistent with the principles of the "Integrated internal control system regulation".

Lastly, it should be noted that to assess the adequacy of the relevant financial reporting processes, the Manager responsible for preparing the Company's financial reports uses the results of the controls carried out by the Structures reporting directly to him/her, by the Internal Audit Department and the other Corporate Control Functions. To this end, in the Group Control Coordination and Non-Financial Risks Committee belonging to the Integrated Internal Control System, the Corporate Control Functions and the Manager responsible for preparing the Company's financial reports share their annual verification plans and their findings. Any critical issues arising from inspections conducted by external entities (Independent Auditors, Supervisory Authorities) relating to financial reporting risk are also gathered and assessed.

The Legal Affairs Head Office Department – Group General Counsel

The Legal Affairs Head Office Department, in accordance with the organisational model, oversees legal risks at Group level; more specifically:

it manages pre-litigation and litigation in and out of court for the Parent Company and for the Group companies on an outsourcing basis; it monitors, steers and coordinates the management of Group litigation, assessing its risk and reporting about it to the Corporate Bodies of Intesa Sanpaolo;
it provides legal advice and assistance to the head office structures of the Parent Company, the BdT Division, the IMI CIB Division - on matters concerning factoring, leasing and, in any case, for all the Italian local structures -, the International Subsidiary Banks Division and the Group Companies having an outsourcing arrangement;
it provides legal advice and assistance to the other Divisions of Intesa Sanpaolo for the IMI CIB Division outside the matters indicated above - and to the Group Companies not having an outsourcing arrangement for cross-cutting legal issues, and provides guidance and coordination to said companies' legal functions;
it defines guidelines, directives and instructions for the management of the Group's legal risk and contributes to the definition of guidelines, directives and instructions for the management of the other business risks, collaborating to this end with the Chief Risk Officer and the Chief Compliance Officer;
it collaborates in the management of relations with the Supervisory Authorities, examining the legal aspects and contributing to the drafting of replies.

The Surveillance Body and the Organisational, Management and Control Model pursuant to Legislative Decree 231/2001

The Surveillance Body – appointed by the Board of Directors on 24 May 2019 – is tasked with overseeing the effective and proper functioning and updating of the Organisational, Management and Control Model ("Model") pursuant to Italian Legislative Decree 231/2001 on the administrative liability of entities. R. 33 e)

Also in the light of the governance model adopted by the Bank, the Body is composed of three individuals not belonging to Intesa Sanpaolo, who meet specific professionalism, integrity and independence requirements and are therefore able to ensure autonomy, independence, professionalism and integrity in the performance of the duties entrusted to the Body. Three alternate members have also been appointed.

The Bank's choice to appoint a Body composed entirely of external members is intended to ensure and strengthen the Body's independence from the management functions. In performing its supervisory and R. 33 g)

¹ The COSO Framework was prepared by the Committee of Sponsoring Organizations of the Treadway Commission, the U.S. organisation dedicated to improving the quality of financial reporting through ethical standards and an effective corporate governance and organisation system.

² The COBIT Framework - Control OBjectives for IT and related technology - is a set of rules prepared by the IT Governance Institute, the U.S. organisation set up to define and improve the standards of corporate IT.

control duties, the Body liaises and interacts directly with the heads of the Internal Audit and Compliance Departments. Said department heads, within the scope of their responsibility, provide the Body with appropriate information and fact-finding support, thereby ensuring coordination between the various players of the internal control and risk management system set up in accordance with the Code of Corporate Governance. Coordination is strengthened by joint meetings held by the Body with a cooperation approach with the Management Control Committee and/or other Committees for issues of mutual interest, each within the scope of their responsibilities.

The scope of activities, operational arrangements and duties of the Body, which met 11 times in 2021, in addition to being set out in the Model, are also detailed in the "Regulations for the Surveillance Body pursuant to Legislative Decree 231/2001".

In July 2021, the Body updated its Regulations. The changes included: simplification of the paragraphs on information flows; implementation of the new regulatory updates to the Model; and the requirements for the Body's standing members to submit to the Board of Directors the documentation needed by the Board to carry out its annual assessment of the suitability requirements under the Model.

Pursuant to the aforementioned Regulations, on 29 April 2021 the Body appointed Andrea Cortellazzo as its Chairman until the Shareholders' Meeting approving the financial statements as at 31 December 2021.

The Body and the Management Control Committee promptly exchanged relevant data and information, and coordinated their work in joint meetings on matters of mutual responsibility. The Body also held meetings with the Risks Committee on issues of mutual interest.

The Body is also required to submit, at least every six months, to the Board of Directors and to the Management Control Committee, a specific report on the adequacy of and compliance with 231 Model.

Members	Independent pursuant to Article 148 (3) of the CLF	Independent pursuant to the Code	Attendance percentage at meetings
Andrea Cortellazzo - Chair	X	X	100%
Paolo Vernero	X	X	100%
Franco Dalla Sega	X		91%
Elena Brero (alternate)	X	X	N/A
Oreste Cagnasso (alternate)	X	X	N/A
Silvano Corbella (alternate)	X	X	N/A

Composition and attendance

The Legal Affairs Head Office Department, in accordance with the organisational model, oversees legal

it manages pre-litigation and litigation in and out of court for the Parent Company and for the Group companies on an outsourcing basis; it monitors, steers and coordinates the management of Group litigation, assessing its risk and reporting about it to the Corporate Bodies of Intesa Sanpaolo; - it provides legal advice and assistance to the head office structures of the Parent Company, the BdT Division, the IMI CIB Division - on matters concerning factoring, leasing and, in any case, for all the Italian local structures -, the International Subsidiary Banks Division and the Group Companies
it provides legal advice and assistance to the other Divisions of Intesa Sanpaolo - for the IMI CIB Division outside the matters indicated above - and to the Group Companies not having an outsourcing arrangement for cross-cutting legal issues, and provides guidance and coordination to
it defines guidelines, directives and instructions for the management of the Group's legal risk and contributes to the definition of guidelines, directives and instructions for the management of the other business risks, collaborating to this end with the Chief Risk Officer and the Chief Compliance Officer; - it collaborates in the management of relations with the Supervisory Authorities, examining the legal

The Surveillance Body and the Organisational, Management and Control Model pursuant to

The Bank's choice to appoint a Body composed entirely of external members is intended to ensure and strengthen the Body's independence from the management functions. In performing its supervisory and

¹ The COSO Framework was prepared by the Committee of Sponsoring Organizations of the Treadway Commission, the U.S. organisation dedicated

to improving the quality of financial reporting through ethical standards and an effective corporate governance and organisation system. ² The COBIT Framework - Control OBjectives for IT and related technology - is a set of rules prepared by the IT Governance Institute, the U.S.

The Legal Affairs Head Office Department – Group General Counsel

the control functions.

assessed.

control system regulation".

risks at Group level; more specifically:

having an outsourcing arrangement;

aspects and contributing to the drafting of replies.

organisation set up to define and improve the standards of corporate IT.

said companies' legal functions;

Legislative Decree 231/2001

appointed.

R. 33 e)

R. 33 g)

For each category of offences contemplated by Italian Legislative Decree 231/2001, the Model identifies "sensitive" company areas and, for each area, the company activities exposed to the risk of said offences being committed (so-called "sensitive activities"). For each sensitive activity, mandatory control principles and rules of conduct have been established for the people involved in those activities.

Specifically, the Model outlines the reference legal framework, the role and responsibility of the structures involved in its adoption, implementation and updating, the "sensitive" areas in respect of the offences and the corporate activities possibly at risk, the rules of conduct and controls for their prevention, the relevant information flows and the applicable penalties.

The Model is fully and effectively implemented in daily operations through the connection between each sensitive area and the dynamic management of processes and the reference internal regulations. These regulations establish rules of conduct and control for each activity and thus govern company operations at the various levels, forming an integral part of the Model itself.

The Model was last updated in December 2020.

During the 2021 financial year, no procedural or organisational changes such as to require further review of the Model were made.

Thus, the Body ensures constant and independent supervision over the regular performance of Bank processes to prevent and/or identify the emergence of risky conduct or events. It assesses the operational nature of the internal control system as a whole and its adequacy in guaranteeing the

effectiveness and efficiency of the control processes identified, and ensures their compliance with the policies established by the Governance Bodies and with internal and external regulations.

In order to pursue its functions with total independence, the Body has autonomous spending powers based on an annual budget, approved by the Board based on the favourable opinion of the same Body.

As for the specific activities carried out in 2021, the following highlights are provided:

constant monitoring, through meetings with the head of the Safety and Protection Department, of the development of the measures adopted by the Bank to mitigate the risks associated with the COVID-19 emergency, with particular reference to health and safety in the workplace;
regular monitoring of the implementation of the Code of Ethics and the social and environmental responsibility principles;
analysis of the periodic reports issued by the corporate control functions;
in-depth analyses requested by the Body on the topics of (i) Cyber Risk, (ii) purchase of "Superbonus" receivables and other tax credits in the construction sector, and (iii) monitoring of relationships with external legal advisors;
analysis of the updated Guidelines for combating money laundering and the financing of terrorism and for managing embargoes;
the analysis of the Internal Audit Department's Report on the controls carried out in 2020 on the essential or important functions outsourced outside the Group;
monitoring of the strengthening of the financial crime controls in place at the New York branch and more generally in the Group's international operations;
review of the results of the checks carried out by the Internal Audit Department and the other competent corporate functions following reports made by the Body.

With regard to the promotion of the Model, Intesa Sanpaolo continued to implement the internal communication and staff training plan to strengthen awareness of the requirements of the Decree and of the Organisation Model adopted, so as to ensure that full knowledge of the topic and compliance with the rules become embedded in each employee's professional profile.

Furthermore, without prejudice to the separate responsibility of each Group company to adopt and implement their own models under Legislative Decree 231/2001, the Bank, in its capacity as Parent Company, has prepared a series of guidelines on this topic for its subsidiaries covering, among other things, the appointment of the Surveillance Body, the preparation of staff training plans, the implementation of suitable controls for sensitive processes, and periodic reports to the Parent Company's Compliance Department.

The Surveillance Bodies of the subsidiaries are responsible for monitoring the functioning of the model adopted by each of the subsidiaries and the fulfilment of the obligations laid down in the regulations and for submitting their reports on the activities carried out, usually every six months, to the Management Control Committee and the Parent Company's Surveillance Body. During 2021, all of the sub-holdings and the main subsidiaries of the Bank aligned their respective models with the updates to the Parent Company's 231 Model as prepared by the Body and approved by the Board of Directors during the previous financial year.

The Organisational, Management and Control Models adopted by Intesa Sanpaolo and the Italian Group companies are available in the Governance section of the Bank's website.

Independent Auditing

Since Intesa Sanpaolo is a listed company (Public Interest Entity pursuant to the relevant regulations), the statutory auditing of its accounts must be carried out by an independent auditing firm (Independent Auditors). In the audit report, the independent auditors formalise their professional opinion on the annual and consolidated financial statements, formed following the auditing activities carried out and the conclusions reached on the basis of the audit findings acquired. The audit report also expresses an opinion on the consistency of the Report on Operations and of some specific information contained in the Report on Corporate Governance and Ownership Structures with the financial statements and on their compliance with regulatory requirements. The audit report also includes the "Key Audit Matters", i.e. the aspects that, according to the auditors' professional opinion, were most significant in the context of the audit of the financial statements in question. The independent auditors are also entrusted, on a

voluntary basis, with the limited review of the consolidated half-yearly report and the consolidated interim statements.

effectiveness and efficiency of the control processes identified, and ensures their compliance with the

In order to pursue its functions with total independence, the Body has autonomous spending powers based on an annual budget, approved by the Board based on the favourable opinion of the same Body.

constant monitoring, through meetings with the head of the Safety and Protection Department, of the development of the measures adopted by the Bank to mitigate the risks associated with the COVID-
regular monitoring of the implementation of the Code of Ethics and the social and environmental
in-depth analyses requested by the Body on the topics of (i) Cyber Risk, (ii) purchase of "Superbonus" receivables and other tax credits in the construction sector, and (iii) monitoring of relationships with
analysis of the updated Guidelines for combating money laundering and the financing of terrorism
the analysis of the Internal Audit Department's Report on the controls carried out in 2020 on the
monitoring of the strengthening of the financial crime controls in place at the New York branch and
review of the results of the checks carried out by the Internal Audit Department and the other

The Organisational, Management and Control Models adopted by Intesa Sanpaolo and the Italian Group

policies established by the Governance Bodies and with internal and external regulations.

As for the specific activities carried out in 2021, the following highlights are provided:

19 emergency, with particular reference to health and safety in the workplace;

analysis of the periodic reports issued by the corporate control functions;

essential or important functions outsourced outside the Group;

competent corporate functions following reports made by the Body.

the rules become embedded in each employee's professional profile.

companies are available in the Governance section of the Bank's website.

more generally in the Group's international operations;

responsibility principles;

external legal advisors;

and for managing embargoes;

Company's Compliance Department.

previous financial year.

Independent Auditing

In order to monitor compliance with the laws governing independent auditing firms engaged for the auditing of the accounts of Group companies, by ensuring the conditions to protect the independence of independent auditors, Intesa Sanpaolo applies the "Group Regulation for the granting of assignments to independent auditors and their networks" which established a supervision system to monitor the nature and eligibility of the proposed mandates for the provision of services by auditors and related parties.

The independent auditors are Ernst & Young S.p.A, appointed by the ordinary Shareholders' Meeting of 30 April 2019 for financial years 2021-2029, upon a reasoned proposal of the Management Control Committee.

Part IV – Summary Tables Table no. 1: Composition of the Board of Directors and Committees

Board of Directors								Management Committee Control		Nomination Committee		Remuneration Committee		Committee Risks		Transactions Related Party Committee
Director	Age	since office In	Executive	Slate (1)	(2) Independent	No. of other pursuant to offices held article 17 169/2020 M.D.	(3)	Positi (4) on	(3)	(4) Positi on	(3)	Positi (4) on	(3)	(4) Positi on	(3)	Positi (4) on	(3)
Chairman
Gian Maria Gros-Pietro	80	2013/05/09		Ms		1	100%			M	100%
Deputy Chairman
Managing Director and Paolo Andrea Colombo CEO	61	2016/04/27		Ms	X	2	100%			M	100%	C	100%
Carlo Messina	59	2013/09/29	X	Ms			100%
Directors
Franco Ceruti	69	2016/04/27		Ms			100%					M	100%	M	100%
Rossella Locatelli	61	2013/04/22		Ms	X	1	100%							C	100%	M	100%
Luciano Nebbia	68	2019/04/30		Ms		1	100%					M	100%
Bruno Picca	71	2013/05/09		Ms		1	100%			M	100%			M	100%
Livia Pomodoro	81	2016/04/27		Ms	X	1	100%			C	100%
Maria Alessandra Stefanelli	58	2019/04/30		Ms	X		100%									M	100%
Guglielmo Weber	63	2019/04/30		Ms	X		96%							M	100%
Daniele Zamboni	62	2016/04/27		ms	X		100%							M	98%	C	100%

Board of Directors								Management Committee Control		Nomination Committee		Remuneration Committee		Committee Risks		Transactions Committee Related Party
Director	Age	In office since	Executive	Slate (1)	(2) Independent	No. of other offices held pursuant to article 17 169/2020 M.D.	(3)	Positi (4) on	(3)	Positi (4) on	(3)	Positi (4) on	Positi on (3)	(3) (4)	Positio (4) n	(3)
Maria Mazzarella	71	2016/04/27		ms	X		100%			M	100%				M	100%
Anna Gatti	50	2019/04/30		ms	X	3	100%					M	100%
Sironi (*) Andrea	57	2019/12/02		Ms	X	1	100%					M	95%		M	93%
Fabrizio Mosca	53	2019/04/30		Ms	X	3	100%	M	100%
Teresa Motta Milena	62	2016/04/27		Ms	X	1	100%	M	100%
Maria Cristina Zoppo	50	2016/04/27		Ms	X	3	100%	M	100%
Alberto Maria Pisani	67	2016/04/27		ms	X		100%	C	98%
(*) Roberto Franchini	66	2020/04/27		ms	X		100%	M	100%

(1) Ms = "majority" slate / ms = "minority" slate

(2) Independent pursuant to art. 13.4 of the Articles of Association, the Corporate Governance Code and article 148, paragraph 3, of the Consolidated Law on Finance

(3) Attendance percentage at, respectively, Board of Directors and Committees meetings

(4) Position in the Committee: "C": Chairman; "M": Member (*) Appointed by the Shareholders' Meeting held on 27 April 2020, following resignation from office by two Directors. Director Andrea Sironi resigned from office, effective 28 February 2022. Table no. 2: Lists of other management and control offices of Board Directors in other companies and entities

Board of Directors

Director Maria Mazzarella

Anna Gatti

Andrea

Sironi (*) Fabrizio Mosca 53

Milena

Teresa Motta Maria Cristina Zoppo

Alberto Maria Pisani

Roberto Franchini

(1)

Ms = "majority"

slate / ms

(2) Independent pursuant to

(3) Attendance percentage at,

art.

(4) Position in the Committee: "C": Chairman; "M": Member

= "minority" slate

13.4 of the Articles of Association, the Corporate Governance Code and

respectively, Board of Directors and Committees meetings

(*) Appointed by the Shareholders' Meeting held on 27 April 2020, following resignation from office by two Directors. Director Andrea Sironi resigned

article

148, paragraph

of the Consolidated Law on Finance

from office, effective 28 February 2022.

(*)

2020/04/27

2016/04/27

2019/04/30

2019/12/02

71 50

2019/04/30

2016/04/27

ms ms Ms Ms Ms Ms ms ms

X 3

X 1

X 3

X 1

X 3

X 100%

100%

98%

100%

Age

In office since

Executive

Slate (1)

Independent (2)

No. of other

offices held

pursuant to

article 17

(3)

Positi on (4)

(3)

Positi on (4)

(3)

Positi on (4)

(3)

Positi on (4)

(3)

Positio n (4)

(3)

M.D.

169/2020

X 100%

100% M M

95%

93%

100%

Management

Nomination

Remuneration

Risks

Related

Party

Transactions

Committee

Control

Committee

Director	Position	E/NE	Company/Entity	R
Gian Maria Gros-Pietro	Director Director Director	NE	Associazione Bancaria Italiana Università Guido Carli ABI Servizi S.p.A. LUISS – ABI –	•
Paolo Andrea Colombo	Chair, Board of Statutory Auditors Director	NE NE	Colombo & Associati S.r.l. Humanitas S.p.A.	• •
Carlo Messina	Director Director		Associazione Bancaria Italiana Università Bocconi ABI –
Franco Ceruti	Chair, Board of Directors Chair, Board of Directors Chair, Board of Directors Director Director	NE NE NE	S.r.l. (1) Fondazione per l'Innovazione del Terzo Settore (1) Intesa Sanpaolo Expo Institutional Contact Intesa Sanpaolo Private Banking S.p.A. Società Benefit Cimarosa 1 S.p.A. (1) CCIAA Milano Monza Brianza Lodi
Anna Gatti	Director Director Director	NE NE NE	Wizz Air Holdings PLC Fiera Milano S.p.A. WiZink Bank S.A.	• • •
Rossella Locatelli	Member, Supervisory Board Chair, Board of Directors Chair, Board of Directors Director Director	NE NE NE NE NE	Darma Asset Management SGR S.p.A. in administrative compulsory (2) Società per la Bonifica dei Terreni Ferraresi S.p.A. Società Agricola (2) Consorzi Agrari d'Italia S.p.A. (2) B.F. Agricola S.r.l. - (2) B.F. S.p.A. liquidation	•
Maria Mazzarella	-
Luciano Nebbia	Deputy Chairperson, Board of Directors Director	NE	Fondazione Parchi Monumentali Bardini Peyron Equiter S.p.A.	•

Director	Position	E/NE	Company/Entity	R
Bruno Picca	Member, Management Board		Interbank Deposit Protection Fund - Voluntary Scheme	•
Livia Pomodoro	Member, Executive Board Chair, Board of Directors Chair, Executive Board Director Director	NE	Milan Center for Food Law and Policy Accademia di Belle Arti di Brera Fondazione Sodalitas Touring Club Italiano Febo S.p.A.	•
Andrea Sironi (*)	Deputy Chairperson, Board of Directors Chair, Steering Committee Chair, Board of Directors	NE	Fondazione AIRC per la Ricerca sul Cancro Borsa Italiana S.p.A. Università Bocconi	•
Maria Alessandra Stefanelli	-
Guglielmo Weber	-
Daniele Zamboni	-
Alberto Maria Pisani	-
Roberto Franchini (*)	Chair, Board of Statutory Auditors/Board of Auditors Member, Executive Board		Fondazione per l'Infanzia Ronald Mc Donald Italia British Chamber of Commerce for Italy (***)
Fabrizio Mosca	Chair, Board of Statutory Auditors Chair, Board of Statutory Auditors Chair, Board of Statutory Auditors Chair, Board of Statutory Auditors Standing Statutory Auditor Standing Statutory Auditor Sole Director	NE NE NE NE NE NE E	Bolaffi Metalli Preziosi S.p.A. (3) M. Marsiaj & C. S.r.l. (4) Aste Bolaffi S.p.A. (3) Moncanino S.p.A. (4) Bolaffi S.p.A. (3) Olivetti S.p.A. Fly S.r.l. (**)	• • •

Director	Position	E/NE	Company/Entity	R
Milena Teresa Motta	Director	NE	Strategie & Innovazione S.r.l.	•
Maria Cristina Zoppo	Chair, Board of Statutory Auditors Standing Statutory Auditor Director	NE NE NE	Juventus Football Club S.p.A. Schoeller Allibert S.p.A. Newlat Food S.p.A.	• • •
E/NE = Executive/Not Executive

E/NE = Executive/Not Executive

R = Positions relevant pursuant to article 17, Ministerial Decree no. 169/2020

(1) Companies belonging to Intesa Sanpaolo Group
(2) Companies belonging to B.F. Holding Group
- (3) Companies belonging to Bolaffi Group
(4) Companies belonging to Marsiaj Group
(*) appointed by the Shareholders' Meeting held on 27 April 2020, following resignation from office by two Directors. Director Andrea Sironi resigned from office, effective 28 February 2022
- (**) company incorporated at the exclusive aim of managing personal economic interests
  - (***) No-profit entity with registered office in the United Kingdom.

103

Appendix

Table no. 1: "Check List"

	Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Page of Report
	Article 1. Role of the board of directors
P I	The board of directors leads the company by pursuing its sustainable success.		page 46
P II	The board of directors defines the strategies of the company and the group it heads in accordance with principle I and monitors its implementation.		page 46, 47
P III	The board of directors defines the corporate governance system that is most functional for carrying out the company's business and pursuing its strategies, taking into account the flexibility offered by the legal framework. If necessary, the board of directors evaluates and promotes the appropriate changes and submit them to the shareholders' meeting when such changes are necessarily subject to the shareholders' vote.		page 45, 51, 58
P IV	The board of directors promotes dialogue with shareholders and other stakeholders which are relevant for the company, in the most appropriate way.		page 40, 41
R 1	The board of directors:
	a) reviews and approves the business plan of the company and the group it heads, also on the basis of matters that are relevant for the long-term value generation. That analysis is carried out with the possible support of a committee whose composition and functions are defined by the board of directors;		page 46
	b) periodically monitors the implementation of the business plan and assesses the general course of the business, comparing the results achieved with those planned;		page 47
	c) defines the nature and level of risk compatible with the company's strategic objectives, including all the elements that can be relevant for the company's sustainable success;		page 46
	d) defines the corporate governance system of the company and the structure of the group it heads, and assesses the adequacy of the company's organisational, administrative and accounting structure and of its strategically important subsidiaries, with particular reference to the internal control and risk management system;		page 46, 47
	e) approves transactions of the company and its subsidiaries that have a significant impact on the company's strategies, profitability, assets and liabilities or financial position; to this end, it establishes the general criteria for identifying significant transactions;		page 46
	f) on proposal of the chair in agreement with the chief executive officer, adopts a procedure for the internal and external management of documents and information concerning the company, with particular reference to inside information, in order to ensure the correct management of corporate information.		page 41, 46, 60, 76
R 2	If deemed necessary for the effectiveness of the company's corporate governance system, the board of directors develops specific proposals to be submitted to the shareholders' meeting on the following issues:		page 46, 51, 58

	Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Page of Report
	a) choice and characteristics of the corporate model (traditional, "one-tier", "two-tier"); b) size, composition and appointment of the board of directors and term of office of its members; c) structure of the shares' administrative and property rights; d) percentages established for the exercise of the prerogatives set up to safeguard minority shareholders. In particular, if the board of directors intends to propose to the shareholders' meeting the introduction of increased voting rights (so-called "voto maggiorato"), it provides adequate reasons in the report that will be submitted to the shareholders prior to their annual meeting. The report indicates the expected effects on the company's ownership and control structure and its future strategies. In the same report, the board discloses the decision-making process followed for the definition of such a proposal and any dissenting opinions voiced within the board.
R 3	Upon proposal of the chair in agreement with the chief executive officer, the board of directors adopts and describes in the corporate governance report a policy for managing dialogue with the generality of shareholders, taking also into account the engagement policies adopted by institutional investors and asset managers. The chair ensures that the board of directors is in any case informed, within the first suitable meeting, of the development and the significant contents of the dialogue that has taken place with all the shareholders.	 	page 40
	Article 2. Composition of the corporate bodies
P V	The board of directors is comprised of executive and non executive directors. All directors ensure professional skills and competence that are appropriate to their tasks.		page 47, 51, 52
P VI	The number and skills of non-executive directors ensure significant influence in the decision-making process of the board and guarantee an effective monitoring of management. A significant number of non-executive directors is independent.		page 47, 61
P VII	The company applies diversity criteria, including gender ones, to the composition of the board of directors, ensuring the primary objective of adequate competence and professionalism of its members.		page 47, 48
P VIII	The control body's composition is appropriate for ensuring the independence and professionalism of its function.		page 63, 64, 65
R 4	The board of directors defines the delegation of managerial powers and identifies who among the executive directors holds the position of chief executive officer. If the chair is entrusted with the position of chief executive officer or with significant managerial powers, the board of directors explains the reasons for this choice.		page 46, 51
R 5	The number and skills of independent directors are appropriate to the needs of the company and to the well-functioning of the board of directors, as well as to the establishment of board committees.		page 47, 53
	The board of directors includes at least two independent directors, other than the chair.
	In large companies with concentrated ownership, independent directors account for at least one third of the board.

E-MARKET
CERTIFIED

	Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Page of Report
	In other large companies, independent directors account for at least half of the board.(*)
	In large companies, independent directors meet, in the absence of the other directors, on a periodic basis and at least once a year to evaluate the issues deemed of interest to the functioning of the board of directors and to the corporate management.		page 54
R 6	The board of directors assesses the independence of each non executive director immediately after his or her appointment. The assessment is renewed during the mandate upon the occurrence of circumstances that concern his or her independence and at least once a year.		page 54
	Each non-executive director provides all the elements necessary or useful for the assessment of the board of directors. On the basis of all the information available, the board considers any circumstance that affects or could affect the independence of the director	
R 7	The circumstances that jeopardise, or appear to jeopardise, the independence of a director are at least the following: a) if he or she is a significant shareholder of the company; b) if he or she is, or was in the previous three financial years, an executive director or an employee: - of the company, of its subsidiary having strategic relevance or of a company subject to joint control; - of a significant shareholder of the company; c) if he or she has, or had in the previous three financial years, a significant commercial, financial or professional relationship, directly or indirectly (for example through subsidiaries, or through companies of which he or she is an executive director, or as a partner of a professional or a consulting firm): - with the company or its subsidiaries, or with their executive directors or top management; - with a subject who, also together with others through a shareholders' agreement, controls the company; or, if the control is held by a company or another entity, with its executive directors or top management; d) if he or she receives, or received in the previous three financial years, from the company, one of its subsidiaries or the parent company, significant remuneration other than the fixed remuneration for the position held within the board and for the membership in the committees recommended by the Code or required by law; e) if he or she has served on the board for more than nine years, even if not consecutive, of the last twelve years; f) if he or she holds the position of executive director in another company whereby an executive director of the company holds the office of director; g) if he or she is a shareholder, quota-holder or director of a company or other legal entity belonging to the network of the external auditor of the company; h) if he or she is a close relative of a person who is in any of the circumstances set forth in previous letters. The board of directors defines ex ante, at least at the beginning of its mandate, the quantitative and qualitative criteria for assessing	 	page 53, 54
	the significance of the situations set forth above in letters c) and d). If the director is also a partner in a professional or a consulting firm, the board of directors assesses the significance of the professional relationships that may have an effect on his or her position and role within the professional or the consulting firm and

	Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Page of Report
P XII	Each director ensures adequate time commitment for the fulfilment of their board responsibilities.		page 52, 55, 65
R 11	The board of directors develops internal rules that define the functioning of the board and its committees, including the means for recording the minutes of the meetings and the procedures for providing information to directors. These procedures identify the prior notice for the submission of the documentation, ensuring that confidentiality issues are properly managed without affecting the timeliness and completeness of the flow of information.		page 45, 59, 69, 76
	The corporate governance report provides adequate information on the main contents of the board of director's internal rules and on compliance with the procedures aimed at ensuring the timeliness and adequacy of the information provided to the directors.	
R 12	The chair of the board of directors, with the help of the board secretary, ensures that:
	a) the pre-meeting information and the complementary information provided during the meeting are suitable to allow directors to act in an informed manner;		page 51, 59, 60
	b) the activity of the board committees with preliminary, propositional and consultative functions is coordinated with the activity of the board of directors;		page 51, 60
	c) in agreement with the chief executive officer, the managers of the company and those of the companies of the group it heads, who are competent on the issues concerned, participate in the relevant board meetings to provide appropriate insights on the items on the agenda, also upon request of one or more directors;		page 51, 61
	d) all the members of the board of directors and control body can take part, after the appointment and during the mandate, in initiatives aimed at providing them with adequate knowledge of the industry in which the company operates, the company dynamics and their evolution, also in relation to the company's sustainable success. Such initiatives also cover the risk management issues as well as any relevant part of the regulatory and self-regulatory framework;		page 55
	e) to provide for the adequacy and transparency of the board review, with the support of the nomination committee.		page 58
R 13	The board of directors appoints an independent director as lead independent director: a) if the chair of the board of directors is the chief executive officer or holds significant managerial powers; b) if the office of chair is held by the person who controls, also jointly, the company; c) in large companies, even in the absence of the conditions indicated in letter a) and b), if requested by the majority of independent directors.		page 54

	Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Page of Report
R 14	The lead independent director: a) collects and coordinates the requests and contributions of non executive directors and, in particular, of independent ones; b) coordinates the meetings of the independent directors.		page 54
R 15	In large companies, the board of directors expresses its guidelines on the maximum number of offices that can be considered compatible with an effective performance and the time commitment required by the role of the directors. The relevant offices are those held in corporate bodies of other listed companies and of companies having a significant size.		page 55, 65
R 16	The board of directors sets up internal committees with preliminary, propositional and consultative functions regarding appointments, remuneration and control and risks. These functions can be either assigned to the three board committees recommended by the Code or distributed in a different manner or even combined in a single committee. In any case, the company ensures an adequate disclosure on the tasks and activities carried out by each of the assigned functions, as well as an adequate composition of each committee.		page 45, 69
	The functions of one or more committees can even be assigned to the board of directors, under the coordination of the chair, provided that: a) independent directors represent at least half of the board; b) the board dedicates adequate sessions to the performance of such functions. (*)
	In the event that the functions of the remuneration committee are assigned to the board of directors, the last paragraph of recommendation 26 applies. (*)
	Companies other than large ones may assign the functions of the control and risk committee to the board of directors even in absence of the condition set forth above in letter a). (*)
	Companies with concentrated ownership, even large ones, can assign the functions of the nomination committee to the board of directors even in absence of the condition set forth above in letter a). (*)
R 17	The board of directors defines the tasks of the committees and their composition, favouring the competence and experience of their members and avoiding, in large companies, an excessive concentration of offices.		page 69
	Each committee is coordinated by a chair who informs the board of directors about the committee's activities at the first useful board meeting.	
	The chair of the committee may invite the chair of the board of directors, the chief executive officer, the other directors and, by informing the chief executive officer, the managers of the corporate functions that are competent on the matters of the committee meeting, to individual committee's meetings. The members of the control body can attend the meetings of each committee.	
	Board committees can have access to the information and the corporate functions that are necessary for the performance of their duties. Board committees have adequate financial resources and can avail themselves of external consultants according to the	

	Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Page of Report
	conditions set forth by the board of directors.
R 18	The board of directors, upon proposal of the chair, provides for the appointment and dismissal of the board secretary and defines his or her professional requirements and attributes in the board's internal rules.		page 59, 62
	The board secretary supports the activities of the chair and provides impartial assistance and advice to the board of directors on all aspects relevant to the proper functioning of the corporate governance system.	
	Article 4. Appointment of directors and board evaluation
P XIII	The board of directors ensures, within its competence, that the process of appointment and succession of directors is transparent and functional to achieve the optimal composition of the board according to the principles set forth in Article 2.		page 49, 50, 52
P XIV	The board of directors periodically evaluates, through formalised procedures, its effectiveness and the contribution made by individual directors. The implementation of the board evaluation procedures is supervised by the board itself.		page 57, 68
R 19	The board of directors entrusts the nomination committee to support it on: a) the evaluation of the board and its committees; b) the definition of the optimal composition of the board and its		page 70 page 70
	committees; c) the identification of candidates in case of the director's co		page 70
	optation; d) the possible submission of a slate by the outgoing board, ensuring the transparency of the process that led to the slate's structure and proposition;		page 49
	e) the development, updating and implementation of succession plan for the chief executive officer and the other executive directors.		page 71
R 20	The majority of directors of the nomination committee are independent.		page 69
R 21	The board evaluation assesses the size, composition and functioning of the board and its committees. It includes also the board's active involvement in the definition of the company's strategy and in the monitoring of the management of the company's business as well as the appropriateness of the internal control and risk management system.		page 57, 68
R 22	The board evaluation is conducted at least every three years, before the renewal of the board of directors.		page 57, 68
	In large companies other than those with concentrated ownership, the board evaluation is conducted on an annual basis and can be diversified according to the term of the board's mandate. In such companies, the board considers whether to appoint an external facilitator for its evaluation at least once every three years.	

	Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Page of Report
R 23	In companies other than those with concentrated ownership, the board of directors: - sets forth guidelines on board composition deemed optimal before its renewal, considering the outcome of the board evaluation; - requires anyone submitting a slate with a number of candidates that is higher than half the number of members to be elected to provide adequate information on the compliance of the slate with the board guidelines mentioned above, and with the board diversity criteria set forth in principle VII and recommendation 8. In such cases, the slate also identifies its candidate for the chairmanship of the board, whose appointment is conducted according to the company's bylaws. All the information mentioned in this paragraph are disclosed in the documentation attached to the slate during its filing process. The board guidelines are published on the company's website before the publication of the notice of the shareholders' meeting convened for the board's renewal. They identify the managerial and professional profiles and the skills deemed necessary, having due consideration of the company's sectoral characteristics, the board diversity criteria set forth in principle VII and recommendation 8 as well as the board guidelines on the maximum number of offices set forth in recommendation 15.	 	Page 48, 50
R 24	In large companies, the board of directors: - elaborates, with the support of the nomination committee, a plan for the succession of the chief executive officer and executive directors by identifying, at least, the procedures to be followed in the event of an early termination of office;		page 52, 71
	− ascertains the existence of appropriate procedures for the succession of the top management.	
	Article 5. Remuneration
P XV	The remuneration policy for directors, members of the control body and the top management contributes to the pursuit of the company's sustainable success and takes into account the need to have, retain and motivate people with the competence and professionalism deemed adequate for their role.		page 77
P XVI	The remuneration policy is developed by the board of directors through a transparent procedure.		page 46, 77
P XVII	The board of directors ensures that the remuneration paid and accrued is consistent with the principles and criteria defined in the policy, considering the results achieved and any other circumstances relevant for its implementation.		page 46, 72
R 25	The board of directors entrusts the remuneration committee with the task of: a) supporting it in the development of the remuneration policy; b) submitting proposals or expressing opinions on the remuneration of executive directors and other directors who hold specific responsibilities, as well as on the setting of performance objectives related to the variable component of this remuneration; c) monitoring the actual application of the remuneration policy and verifying the effective achievement of the performance objectives; d) periodically assessing the adequacy and overall consistency of the remuneration policy for directors and the top management.	   	page 71, 77 page 71, 72 page 72 page 72

	Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Page of Report
	In order to have people with adequate competence and professionalism, the remuneration of executive and non-executive directors and of the members of the control body is defined with due consideration of the remuneration practices that are common with regards to the company's reference sectors and size. It also considers comparable international practices, with the possible support of an independent consultant.		page 77
R 26	The remuneration committee is made up of non-executive directors, the majority of whom are independent, and is chaired by an independent director. At least one member of the committee has adequate knowledge and experience in financial matters or remuneration policies; such skills are assessed by the board of directors before his or her appointment.		page 69, 71, 78
	No director takes part in the meetings of the remuneration committee in which proposals relating to his or her remuneration are made.		page 72
R 27	The remuneration policy for executive directors and the top management defines: a) a balance between the fixed and the variable component which is consistent with the company's strategic objectives and risk management policy. Consistency is assessed taking into consideration the business's characteristics and the industry of the company. The variable component has in any case a significant weight on the overall remuneration; b) caps to the variable components; c) performance objectives, to which is linked the payment of the variable components, that are predetermined, measurable and predominantly linked to the long-term horizon. They are consistent with the company's strategic objectives and with the aim of promoting its sustainable success and includes non financial parameters, where relevant; d) an adequate deferral of a significant part of the variable component that has been already accrued. Such a deferral period is consistent with the company's business activity and its risk profile; e) provisions that enable the company to recover and/or withhold, in whole or in part, the variable components already paid-out or due, where they were based on data which subsequently proved to be manifestly misstated. The company can identify other circumstances in which such provisions are applied; f) clear and predetermined rules for possible termination payments, establishing a cap to the total amount that might be paid out. The cap is linked to a certain amount or a certain number of years of remuneration. No indemnity is paid out if the termination of the office is motivated by director's objectively inadequate results.		page 77
R 28	The share-based remuneration plans for executive directors and the top management are aligned with the interests of the shareholders over a long-term horizon, providing that a predominant part of the plan has an overall vesting and holding period of at least five years.		page 78

	Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Page of Report
R 29	The remuneration of non-executive directors is adequate to the competence, professionalism and commitment required by their role within the board of directors and its committees; this remuneration is not related to financial performance objectives, except for a non-significant part.		page 77
R 30	The remuneration of the members of the control body is adequate to the competence, professionalism and commitment required by their role and the company's size, industry and current situation.		page 77
R 31	On the occasion of the termination of office and/or dissolution of the relationship with an executive director or general manager, a press release is published as soon as the internal processes that led to the assignment or the recognition of any indemnities and/or other benefits has been concluded. The press release provides for detailed information on: a) the assignment or the recognition of indemnities and/or other benefits, the circumstances that justify their accrual (e.g. due to the expiration of the term of office, its termination or a settlement agreement) and the decision-making process followed for this purpose within the company; b) the total amount of the indemnity and/or other benefits, the related components (including non-monetary benefits, the vesting of rights connected with incentive plans, the compensation for non-competitive commitments or any other remuneration allocated to any reason and in any form) and the timing of their disbursement (distinguishing the part paid immediately from the part subject to deferral mechanisms); c) the application of any claw-back or malus clauses; d) the compliance of the elements indicated in letters a), b) and c) consistently with the remuneration policy, with a clear indication of the reasons and the decision-making process followed in the event of non-compliance, even if only partial, with the policy itself; e) the procedures that have been or will be followed for the replacement of the executive director or the general manager whose office has been terminated.		page 78
Article 6. Internal control and risk management system
P XVIII	The internal control and risk management system consists of a set of rules, procedures and organisational structures for an effective and efficient identification, measurement, management and monitoring of the main risks, aimed at contributing to the sustainable success of the company.		page 83
P XIX	The board of directors defines the guidelines of the internal control and risk management system in accordance with the company's strategies and annually assesses its adequacy and effectiveness.		page 83, 85
P XX	The board of directors defines the principles concerning the coordination and the flow of information among the parties involved in the internal control and risk management system. Such principles aim at maximising the effectiveness of the system itself, reducing the duplication of activities and ensuring the		page 76, 83, 84

successful performance of the duties of the control body.

	Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Page of Report
R 32	The organisation of the internal control and risk management
	system involves: a) the board of directors, which plays a role in guiding and		page 83, 85
	assessing the adequacy of the system; b) the chief executive officer, in charge of establishing and		page 83, 86
	maintaining the internal control and risk management system; c) the control and risk committee set up within the board of directors, with the task of supporting the board of directors' assessments and decisions relating to the internal control and risk management system and the approval of periodical financial and non-financial reports. In companies that adopt the "one-tier" or "two-tier" corporate model, the functions of the control and risk		page 73, 83, 85
	committee can be assigned to the control body; d) the head of the internal audit function who is in charge of verifying that the internal control and risk management system is functional, adequate and consistent with the guidelines defined by		page 83, 84, 88
	the board of directors; e) the other corporate functions involved in the internal control and risk management system (such as the risk management functions and the functions dealing with legal and non-compliance risk) which are articulated in relation to the company's size,		page 83, 84
	sector, complexity and risk profile; f) the control body, which monitors the effectiveness of the internal control and risk management system.		page 63, 83, 86
R 33	The board of directors, with the support of the control and risk
	committee: a) defines the guidelines of the internal control and risk management system consistently with the company's strategies and assesses, at least once a year, the adequacy of this system with respect to the company's characteristics and its risk profile, as well as its effectiveness;		page 85
	b) appoints and dismisses the head of the internal audit function, defining his or her remuneration which is consistent with the company policies. The board ensures that he or she has adequate resources to carry out his or her duties. If the internal audit function is entrusted, as a whole or by operating segments, to an external entity, the board ensures that it meets the adequate requirements of professionalism, independence and organisation, providing adequate reasons for this choice in the corporate governance report;		page 85, 88
	c) approves, at least on an annual basis, the work plan prepared by the head of the internal audit function, after hearing the control body and the chief executive officer;		page 85
	d) evaluates the opportunity to take measures to ensure the effectiveness and impartial assistance of the other corporate functions mentioned in recommendation 32(e). To this end, the board verifies that such functions have adequate professionalism and resources;		page 85
	e) assigns the supervisory functions pursuant to Art. 6(1)(b) of Legislative Decree No. 231/2001 to the control body or to a body established specifically for this purpose (the so-called functions of the "Organismo di Vigilanza"). If the body does not correspond to the control body, the board of directors considers whether to appoint within the body at least one non-executive director and/or a member of the control body and/or the head of a legal or supervisory function of the company, in order to ensure coordination among the various parties involved in the internal control and risk management system;		page 92

Principles and Recommendations of the Corporate Governance Code	adaptations as Applied with appropriate	Not applied	Page of Report
The control body and the control and risk committee promptly exchange relevant information for the performance of their respective duties. The chair or an other member of the control body designated by its chair, of the takes part control body in the meetings of the control and risk committee.			page 66, 68, 74, 86

(*) Recommendation incompatible with banking regulations or not applicable to Intesa Sanpaolo, as a large company with non-concentrated ownership

Table No. 2: "Art. 123-bis - Report on corporate governance and ownership structures"

	Art 123-bis - Report on corporate governance and ownership structures	Page of Report
	1. The report on operations of issuers with securities admitted to trading on regulated markets shall contain a specific section entitled: "Report on corporate governance and ownership structures", providing detailed information on:
	a) the capital structure, including securities not traded on a regulated market in an EU Member State, with an indication of the different classes of shares and, for each class of shares, the related rights and obligations and the percentage of total share capital represented;	page 37
	b) any restriction on the transfer of securities, e.g. limitations in the possession of securities or the need to obtain consent from the company or other securities holders;	page 37
c)	significant direct and indirect equity investments, for example through pyramid structures and cross-investments, as stated in reports submitted pursuant to article 120;	page 38
	d) if known, the holders of any securities with special control rights and a description of such rights;	page 37
	e) the mechanism for the exercise of voting rights in any employee share ownership scheme where voting rights are not exercised directly by the employees;	page 37
f)	any restrictions on voting rights, such as limitations of the voting rights of holders of a given percentage or number of votes, deadlines for the exercise of voting rights, or systems whereby, with the company's cooperation, the financial rights attached to the securities are separate from the holding of securities;	page 37, 44
	g) agreements known to the company pursuant to article 122;	page 38
	h) any significant agreements to which the company or its subsidiaries are parties and which take effect, alter or terminate upon a change of control of the company, and the effects thereof, except where their nature is such that their disclosure would be seriously prejudicial to the company; this exception shall not apply where the company is specifically obliged to disclose such information on the basis of other legal requirements;	page 38
i)	agreements between companies and directors, members of the management board or supervisory board which envisage indemnities in event of resignation or dismissal without just cause, or if their employment contract should terminate as a result of a takeover bid;	page 37
l)	rules applying to the appointment and replacement of directors and members of the management board or supervisory board, and to amendments to the articles of association, if different from those envisaged by legal and regulatory provisions applicable as supplementary measures;	page 49, 50, 65
	m) the existence of delegated powers regarding share capital increases pursuant to article 2443 of the Italian Civil Code or powers of the directors or members of the management board to issue equity instruments or to authorise the purchase of own shares.	page 37, 38

Art 123-bis - Report on corporate governance and ownership structures	Page of Report
2. In the same section of the report referred to in subsection 1, information shall be provided regarding:
a) adoption of a corporate governance code of conduct issued by regulated market management companies or trade associations, giving reasons for any decision not to adopt one or more provisions, together with the corporate governance practices actually applied by the company over and above any legal or regulatory obligations. The company shall also indicate where the adopted corporate governance code of conduct may be accessed by the public;	page 35
b) the main characteristics of existing risk management and internal control systems used in relation to the financial reporting process, including consolidated reports, where applicable;	page 91
the operating procedures of the shareholders' meeting, its main powers, c) shareholders' rights and their terms of exercise, if different from those envisaged by legal and regulatory provisions applicable as supplementary measures;	page 42
d) the composition and operations of the management and control bodies and their committees.	page 47, 51, 59, 65, 70
d-bis) a description of the diversity policies applied regarding the structure of the administrative, management and auditing bodies in relation to aspects such as age, gender and training/professional courses taken, with a description of the objectives, implementation methods and results of said policies. If no policy is applied, the company must clearly and precisely indicate the reasons for said choice	page 48

Glossary

Art 123-bis - Report on corporate governance and ownership structures Page of Report

In the same section of the report referred to in subsection 1, information shall be

a) adoption of a corporate governance code of conduct issued by regulated market management companies or trade associations, giving reasons for any decision not to adopt one or more provisions, together with the corporate governance practices actually applied by the company over and above any legal or regulatory obligations. The company shall also indicate where the adopted corporate governance code of conduct may be

b) the main characteristics of existing risk management and internal control systems used in relation to the financial reporting process, including

c) the operating procedures of the shareholders' meeting, its main powers, shareholders' rights and their terms of exercise, if different from those envisaged by legal and regulatory provisions applicable as supplementary

d) the composition and operations of the management and control bodies and

d-bis) a description of the diversity policies applied regarding the structure of the administrative, management and auditing bodies in relation to aspects such as age, gender and training/professional courses taken, with a description of the objectives, implementation methods and results of said policies. If no policy is applied, the company must clearly and precisely page 35

page 91

page 42

page 48

page 47, 51, 59, 65, 70

provided regarding:

accessed by the public;

measures;

their committees.

consolidated reports, where applicable;

indicate the reasons for said choice

European Central Bank or ECB

The European Central Bank, the EU institution responsible for the prudential supervision of banks within the Single Supervisory Mechanism, which comprises the same ECB and the national competent authorities. Its main aim is to contribute to the safety and soundness of the banking system and the stability of the financial system within the EU as well as to ensure a consistent and efficient prudential supervision (www.ecb.europa.eu)

Bank of Italy

Bank of Italy – the central bank of Italy, part of the Eurosystem comprising the central banks of the Eurozone and the European Central Bank – is a public institution whose main functions are designed to ensure, among others, the stability and efficiency of the financial system by pursuing the sound and prudent management of financial intermediaries as well as compliance with relevant laws in force (www.bancaditalia.it)

Italian Stock Exchange or Borsa Italiana

Borsa Italiana S.p.A. is the company responsible in Italy for the organisation, management and development of markets for the trading of financial instruments, on which Intesa Sanpaolo S.p.A. instruments are also listed (www.borsaitaliana.it)

c.c.

Italian Civil Code

Parent Company

Intesa Sanpaolo, the Parent Company of the Banking Group, pursuant to the Consolidated Law on Banking

Corporate Governance Code or Code

Corporate Governance Code, approved by the Corporate Governance Committee on 31 January 2020

Board

The Board of Directors of Intesa Sanpaolo

Director/Directors

Member/Members of the Board of Directors of Intesa Sanpaolo

Consob

Commissione Nazionale per le Società e la Borsa, the Italian financial market supervisory authority, which monitors the transparency and proper conduct of operators (www.consob.it)

Consolidated Non-financial Statement

Statement drawn up and published pursuant to Italian Legislative Decree No. 254/2016, implementing European Directive No. 2014/95/EU containing information on environmental, social, personnel-related issues, respect for human rights, and the fight against corruption

Manager responsible for preparing the Company's financial reports

Manager responsible for preparing the Company's financial reports (pursuant to Article 154-bis of the Consolidated Law on Finance)

Supervisory Provisions

Provisions issued by the Bank of Italy as part of its supervisory functions, applicable to banks and banking groups

Supervisory Provisions on remuneration

Provisions regarding remuneration and incentive policies and practices in banks and in banking groups, laid down in Circular 285 of 17 December 2013 (First Part, Title IV, Chapter 2)

Supervisory Provisions on corporate governance

Provisions on bank corporate governance, laid down in Circular 285 of 17 December 2013 (First Part, Title IV, Chapter 1)

Supervisory Provisions on the control system

Provisions on the banks' internal control system, laid down in Circular 285 of 17 December 2013 (First Part, Title IV, Chapter 3)

European Banking Authority or EBA

European Banking Authority, an independent European Union authority, which works to ensure an efficient and standardised level of regulation and prudential supervision in the European banking sector

Financial Stability Board or FSB

Financial Stability Board, an independent body that collaborates with the national and international financial institutions to develop and implement effective regulatory, supervisory and other specific sector policies in the interest of global financial stability (www.financialstabilityboard.org)

Banking Group or Intesa Sanpaolo Banking Group

The Banking Group is composed of the Parent Company Intesa Sanpaolo and the banking, financial and instrumental companies – with registered offices in Italy and abroad – controlled directly or indirectly by the Parent Company

Group or Intesa Sanpaolo Group

The Group is composed of the Parent Company Intesa Sanpaolo and the companies controlled directly or indirectly by the same, including

companies that are not part of the Banking Group – with registered offices in Italy and abroad

Intesa Sanpaolo or Company or Bank

Intesa Sanpaolo S.p.A.

Surveillance Body

Body with independent initiative and control powers, which is entrusted – according to Italian Legislative Decree No. 231/2001 on the administrative liability of companies – with the task of supervising effective implementation, operation and compliance with the Organisational, Management and Control Model pursuant to the aforesaid Decree

Borsa Italiana Regulations

Regulations governing markets organised and managed by Borsa Italiana

Issuers' Regulation

Regulation implementing the Consolidated Law on Finance and governing issuers, adopted by Consob Resolution No. 11971 of 14 May 1999, and subsequent amendments thereto

Consob Regulation on related parties

Regulation issued by Consob Resolution No. 17221 of 12 March 2010 (and subsequent amendments), governing transactions with related parties by companies using the equity capital market directly or through subsidiaries

RPT Procedures

Group Procedures regulating the conduct of transactions with Related Parties of Intesa Sanpaolo S.p.A., Associated Entities of the Group and Relevant Persons pursuant to Article 136 of the Consolidated Law on Banking, updated by the Board of Directors in June 2021

Report on Governance

The Report on Corporate Governance and Ownership Structures drawn up pursuant to Article 123-bis of the Consolidated Law on Finance

Report on Remuneration

The Report on the remuneration policy and the remuneration paid drawn up pursuant to Article 123 ter of the Consolidated Law on Finance and subsequent implementation provisions

Bank's website or Company's website

The website group.intesasanpaolo.com

Articles of Association

Intesa Sanpaolo's Articles of Association (available in the Governance section of the Bank's website)

Consolidated Law on Banking

Italian Legislative Decree No. 385 of 1 September 1993 – Consolidated Law on Banking

Consolidated Law on Finance (CLF)

Italian Legislative Decree No. 58 of 24 February 1998 – Consolidated Law on Finance

Contacts

companies that are not part of the Banking Group –

RPT Procedures

Board of Directors in June 2021

Report on Governance

Report on Remuneration

Articles of Association

Consolidated Law on Banking

1993 – Consolidated Law on Banking

Consolidated Law on Finance (CLF)

1998 – Consolidated Law on Finance

The Report on Corporate Governance and Ownership Structures drawn up pursuant to Article

The Report on the remuneration policy and the remuneration paid drawn up pursuant to Article 123 ter of the Consolidated Law on Finance and

Intesa Sanpaolo's Articles of Association (available in the Governance section of the Bank's website)

Italian Legislative Decree No. 385 of 1 September

Italian Legislative Decree No. 58 of 24 February

123-bis of the Consolidated Law on Finance

subsequent implementation provisions

Bank's website or Company's website The website group.intesasanpaolo.com

Regulations governing markets organised and

Regulation implementing the Consolidated Law on Finance and governing issuers, adopted by Consob Resolution No. 11971 of 14 May 1999, and

Regulation issued by Consob Resolution No. 17221 of 12 March 2010 (and subsequent amendments), governing transactions with related parties by companies using the equity capital market directly

with registered offices in Italy and abroad

Intesa Sanpaolo or Company or Bank

pursuant to the aforesaid Decree

subsequent amendments thereto

Consob Regulation on related parties

Borsa Italiana Regulations

managed by Borsa Italiana

Issuers' Regulation

or through subsidiaries

Intesa Sanpaolo S.p.A.

Surveillance Body

Intesa Sanpaolo S.p.A.

Registered office:

Piazza San Carlo, 156 10121 Torino Telephone: +39 011 5551

Secondary registered office: Via Monte di Pietà, 8 20121 Milano Telephone: +39 02 87911

Parent Company Corporate Advisory, Corporate Duties and Governance [email protected]

Internet: group.intesasanpaolo.com

Editing and production: Agema® S.p.A.

GALLERIE D'ITALIA. FOUR MUSEUMS, A NATIONWIDE CULTURAL NETWORK.

Gallerie d'Italia enables Intesa Sanpaolo to share its artistic and architectural heritage with the general public: the art collections of the Bank, ranging from archaeological artefacts to contemporary works of art, are housed in historic buildings located in four cities, in a unique network of museums.

Gallerie d'Italia - Piazza Scala in Milan hosts, in a highly prestigious architectural setting, a selection of two hundred masterpieces of the nineteenth century in Lombardy, that are part of art collections of Fondazione Cariplo and Intesa Sanpaolo, and an exhibition dedicated to twentieth century Italian art.

Gallerie d'Italia - Palazzo Leoni Montanari, Vicenza is home to art of the region Veneto from the 1700s as well as pottery from Attica and Magna Graecia. It also holds one of the most important collections of Russian icons in the West.

Gallerie d'Italia - Palazzo Zevallos Stigliano, Naples hosts the Martyrdom of Saint Ursula, the last known painting by Caravaggio, alongside more than 120 examples of Neapolitan art dating from the early 17th to the early 20th century. New premises within the majestic building which was formerly the Bank of Naples in Via Toledo mean that the museum space is tripled in size, increasing exhibition opportunities.

There is also the newly-open fourth location of Gallerie d'Italia in Piazza San Carlo in Turin, a site which is mainly dedicated to photography and the digital world.

Cover photo:

Gaspar van Wittel (also known as Gaspare Vanvitelli, or Gaspare degli Occhiali) (Amersfoort, 1652 - Rome, 1736) A View of the Piazza Navona in Rome, 1688-1721 oil on canvas, 62.5 x 125.5 cm Intesa Sanpaolo Collection Gallerie d'Italia - Palazzo Zevallos Stigliano, Naples

A View of the Piazza Navona in Rome is a work by Gaspar van Wittel. A Dutch painter who relocated to Italy, he is considered the forerunner of modern vedutism, as a result of the almost topographic precision of the scene.

The painting belongs to a series of nine landscapes that van Wittel dedicated to Piazza Navona between 1688 and 1721, the largest square in Rome after St. Peter's Square, and undoubtedly the most picturesque thanks to its market and countless related activities. The piazza, a "grand example of theatrical Baroque" was blessed in the mid-seventeenth century with an architectural renovation that gave it a reputation as one of the most beautiful squares in Rome, famous for the magnificence of its buildings and fountains. The view is from the first floor of Palazzo Lancelotti; on the left, the light highlights a series of buildings including the Church of Sant'Agnese in Agone which was rebuilt under the guidance of Francesco Borromini. On the right, in the shadows and strongly shortened, it is possible to see the sixteenth century façade of San Giacomo degli Spagnoli; the roof terrace of Palazzo Altemps stands out against the background, while in the centre there is the Fontana dei Fiumi by Gian Lorenzo Bernini and the sixteenth-century fountains known as del Moro and dei Calderari.

The painting excels for its splendid colours and the clarity of its lines and volumes. The sky is intensely bright with a hue of light blue that is characteristic of the Dutch artist's best works.

The work is part of the art collections on permanent display in Gallerie d'Italia of Intesa Sanpaolo in Naples. The collection traces the most important moments of art in Naples and Campania from the early seventeenth century up to the first decades of the twentieth century, from Caravaggio and the naturalist turning point which took place with the artist's arrival in the city in 1606, right up to the works by Vincenzo Gemito, through the pomp and splendour of the Spanish viceroyalty and the Bourbon era.

Report on Corporate Governance and Ownership Structures

AI Terminal

Intesa Sanpaolo

4465_cgr_2022-03-23_399fbe6b-a144-4d51-95d3-96e2c063cdb5.pdf

Report on Corporate Governance and Ownership Structures

Contents

Introduction

Overview

Corporate Governance model

Shareholders' Meeting

Board Committees

Nomination Committee

Remuneration Committee

Committee for Transactions with Related Parties

BOARD COMMITTEES

NOMINATION COMMITTEE

REMUNERATION COMMITTEE(*)

Paolo Andrea Colombo

(C) Franco Ceruti Anna Gatti Luciano Nebbia Andrea Sironi

RISKS COMMITTEE

Rossella Locatelli (C)

COMMITTEE FOR TRANSACTIONS WITH RELATED PARTIES

Board of Directors, Management Control Committee and Board Committees

Board of Directors' breakdown

Distinctive skills and expertise within the Board of Directors

Board induction

Thematic areas examined in the Board of Directors' meetings in 2021

Thematic areas examined in the Management Control Committee's meetings in 2021

Thematic areas examined in the Risks Committee's meetings in 2021

Board of Directors' meetings in 2021

Management Control Committee's meetings in 2021

Board Committees

Board Evaluation

Results of the Self-assessment: adequacy and best practices

Remuneration

Control and risk management system

The internal control system is based on three levels:

Level I

Level II

Chief Audit Officer

Share capital and ownership structure

Ownership structure by geographical area

Ownership structure by size of shareholding

Shareholders' Meeting

Shareholders' rights

Shareholders' majorities

Share capital attendance at the Shareholders' Meeting in the last five years

The sustainability commitment

Focus: Environment and Climate Change

Sustainability governance

Board of Directors

Risks Committee

Management Control Committee

Managing Director and CEO

Steering Committee

ESG Control Room

ESG & Sustainability - Financial Market Coverage Department, Chief Financial Officer Area

The Intesa Sanpaolo Group

Compliance with the Italian Corporate Governance Code

Part I - Ownership structure and investor relations

Information on ownership structure

Share Capital

Securities traded on non-European markets

Own shares

Shareholder Base

Main Shareholders

Shareholders' agreements

"Change of control" clauses

Allocated assets

Policy for the management of dialogue with investors

Relations with shareholders and the financial community – The website

The Shareholders' Meeting: procedures and shareholders' rights

Intesa Sanpaolo's Shareholders' Meeting

Calling meetings and procedure at meetings

Additions to the agenda and submission of new proposed resolutions

Right to ask questions on items on the agenda

Participation and representation – The Designated Representative

Voting rights

Challenges against shareholder meeting resolutions

Right of withdrawal

Part II - Corporate governance system